Jun 11
2020
How to Eliminate the Biggest Threat to Healthcare Privacy and Security: Print and Capture
By Mark Gross, senior principal product manager, Kofax
When it comes to data security, healthcare organizations are stuck between a rock and a hard place. To provide proper patient care, their staff needs access to the right information, and quickly. At the same time, the law requires them to protect the sensitive data included in electronic medical records (EMR).
A wide array of devices are used to collect and transmit patient data – including computers, mobile devices, IV pumps and X-ray machines. Today, all of these are connected to the internet, the hospital network and other medical technologies, even though many of them have few, or no, security protocols in place.
The situation’s made even more complex by the public nature of hospital environments. Many connected devices containing sensitive data are left unattended, leaving the entire network exposed. The result’s an increase in cyber and data security threats.
Right now, nearly all healthcare organizations are facing an added challenge brought on by the COVID-19 global pandemic. Many healthcare workers aren’t working in their normal environments, they’re helping in other departments, hospitals and even pop-up field hospitals. With all the displaced healthcare workers, their normal print and capture workflows are left behind with their devices—and the security of the patient data contained in documents printed or scanned elsewhere may be at risk.
Healthcare organizations need a comprehensive security strategy to protect against a breach. The best of these is a systematic approach that tests all connected devices for vulnerabilities. Once identified, security threats should be prioritized so the most severe can be addressed quickly. Regular software updates and patches are just as important, as is replacing outdated equipment with new devices that have security built in.
Because they don’t stand out as threats, multifunction devices, printers and imaging devices are often overlooked during security reviews. In reality, however, both of these handle a lot more data than people realize.