Tag: Medigate

Clinical Zero Trust: The Time Is Right In Healthcare

By Jamison Utter, director of product evangelism, Medigate.

Jamison Utter

Last year (2020) was a year of chaos, and one that demonstrated why robust cybersecurity is an essential priority for all healthcare organizations. From COVID-19 disruptions to rapidly increasing networks of managed and unmanaged devices, it’s never been more important to secure the critical infrastructure that forms the basis of clinical care.

This is easier said than done- after all, the growing reliance on digital platforms has opened opportunities for increased attacks and raised questions about data collection and privacy. Threats like Ryuk and other high-profile breaches made a notable impact on the industry’s understanding of cybersecurity, not only for their monetary implications, but the significant operational disruptions that these incidents caused. On a national level, we’re seeing care networks expanding alongside access to telehealth services and the implementation of remote patient monitoring tools– with significant amounts of PHI being broadcast and analyzed each day.

When looking at these trends, there are two immediate realizations that all healthcare leaders should understand: 1) the rate of attacks is only going to increase as healthcare operations become smarter and more connected and 2) we need a better solution that works alongside clinical practitioners, biomed departments and organizational leaders even as it protects them from malicious attackers. For many of these concerns, the answer is Zero Trust, or more specifically, Clinical Zero Trust (CZT), that is uniquely attuned to the needs of the healthcare industry.

What Is Clinical Zero Trust?

Zero Trust represents the concept of “trust nothing, verify everything” in terms of cybersecurity. It has since grown to represent a networking approach that centers the design and application of IT networks around the identity and access rights of users and their data. Clinical Zero Trust applies this same idea but to the cyber and physical environment of healthcare organizations.

Think of CZT as a strategy and not a technology; it is an end goal rather than a feature or ability. Cyber protections like firewalls and end-point security solutions make up some of the offerings that help create a CZT environment. A typical healthcare organization has a security system that prioritizes protecting devices and data– CZT shifts the focus to protect physical workflows, which are made up of the people and processes involved in delivering care.

This means the protected surface extends to the physical world, including everything associated with administering a procedure or delivering care. At first glance, it seems like an impossible task to protect physical things with cyber technologies, but in reality, when you look at the clinical setting holistically it makes it easier to identify interdependencies and develop strategies that will effectively protect the physical, business and digital processes to drive optimal patient outcomes.

Continue Reading

Uniting The Three Personas: A Better Path Forward For Healthcare Operations

By Jonathan Langer, co-founder and CEO, Medigate.

Jonathan Langer

Heading into the backend of 2020, we’re witnessing radical change at each level of the healthcare system. Beyond the dedicated amount of care and attention given to each coronavirus-positive patient, tight budgets and limited resources create new challenges each day.

From the frontline caregivers to CTOs to vendor partners, COVID-19 has forced all parties to reevaluate how to best strategize and deliver world-leading treatments in the face of a global pandemic – not an easy task.

When reflecting on lessons learned from the pandemic (and looking forward) – a major priority that stands out is the need to better organize and unite the different departments, or “personas”,  existing in the hospital, namely the C-suite, biomed / clinical engineering and IT.

While these departments are often forced to collaborate by crises, too often does the segmented nature of the health system result in siloed operations, i.e. ones where the departments rarely interact with each other. Each of these departments have their own specific requirements and objectives and, if there is an overlap, then there can be a struggle over whose priority is more essential.

While this hierarchy worked in pre-COVID times, it’s now clear that the challenges of the new healthcare system are too complex and urgent to tackle in a piecemeal fashion. Instead, we must bring together the separate departments and arm them with the technology, data and insights to make joint decisions – whether this is relocating critical medical devices to patients in need, shoring up cybersecurity attack surfaces, or completing asset procurement orders based on urgent demand.

Bridging the Departments

When looking at the responsibilities of the different “personas” in the hospital, it is fairly easy to see why silos occur. At the top, the C-suite is focused on high-level operations and business imperatives, which makes it difficult to gain a granular view of what’s most needed by the different departments. In comparison, the biomed or clinical engineering teams are operating on the ground level and tasked with maintaining all the equipment or services in the hospital – a task made exceedingly difficult by the explosion of medical and IoT devices on a hospital’s network.

IT’s role intersects with all the aforementioned areas – leveraging the C-suite to obtain the funds and approval to advance operating systems needed to keep the hospital on the cutting-edge of medical innovation, as well as collaborating with the biomed team to coordinate security procedures across all the equipment they must maintain.

Continue Reading