Information Security

RE-IMAGINING HEALTH CARE SECURITY: LESSONS FROM THE FIELD

RE-IMAGINING HEALTH CARE SECURITY: LESSONS FROM THE FIELD

At Techumen we recognize that health care providers have highly complex clinical and business processes. In turn, these core functions rely on a large, distributed, computing and communications environment. We also recognize that the demands on computing for health care will be heightened as burgeoning new care areas like population health with its attendant large data sets, precision and genomic medicine, patient-driven care protocols, networked medical instrumentation, and telehealth become firmly entrenched in care-giving.

MEDICINE 2.0 – News from the future and understanding security’s role

MEDICINE 2.0 – News from the future and understanding security’s role

The first CRISPR babies have arrived in China. This event portends for vast new dabbling in genetic engineering. Watch for genetic manipulation, possibly coupled with radical new human implant shenanigans in S.E. Asia (Thailand and Korea especially). Medical tourism isn’t just another catchphrase. Futurist, William Gibson is/was correct. The future is “now”. 

IT Audits can be both lightweight and effective

IT Audits can be both lightweight and effective

In our last mailing, we wrote about how to talk to management about security.  This time, we will address what to tell them. 

It is easy to cloud the communication channels with too many details, the wrong details, or too much technical focus. Instead, concentrate on what management needs to know about the issue at hand, and what they should know in their capacity as organizational leaders. This will help them understand the problems you (and, by extension, they) are dealing with, and importantly, help you get the organizational support you need to solve them.

Case Study - What to Tell Your Management about Security.

Case Study - What to Tell Your Management about Security.

In our last mailing, we wrote about how to talk to management about security.  This time, we will address what to tell them. 

It is easy to cloud the communication channels with too many details, the wrong details, or too much technical focus. Instead, concentrate on what management needs to know about the issue at hand, and what they should know in their capacity as organizational leaders. This will help them understand the problems you (and, by extension, they) are dealing with, and importantly, help you get the organizational support you need to solve them.

Case Study - How to talk to your Board about security

Case Study - How to talk to your Board about security

The gap between IT and management can often be a chasm.  Nerds can’t talk to suits. In the Dilbert cartoon, this leads to laughs; in real life it leads to frustration, ignorance, and poor organizational performance. Some of this gap is the nature of the security topic.  It’s difficult to discuss security events, which by definition are abstract, future, and highly uncertain, in a clear and concise manner. Many managers are highly quantitative and numbers-oriented, and security is not yet a quantified body of knowledge. The “curse of knowledge” frustrates any attempt to communicate specialized information, as your physicians can tell you – it’s difficult to talk about topics that you know well to an audience that knows little.

Healthcare, the cloud and information security

Healthcare, the cloud and information security

What is Cloud computing and how does it benefit healthcare providers and consumers? Three fundamental things have spawned the surge of interest in cloud computing...

Optimizing your health care security spending

Optimizing your health care security spending

We have conducted over 200 security risk assessments for providers of various sizes, from a multi‐state hospital chain to solo practitioners. One common theme that emerges from all of these assessments is that the return on investment (ROI) on information security products is lower than it could be. Simply stated, most health care providers are wasting limited resources to manage their information security.