Posts

Using the cloud to track the flu

/in , , /by

Last year, in the midst of the government shutdown, the Centers for Disease Control and Prevention was left unable to monitor the movement of flu outbreaks in the country. While tracking the flu may not seem like such a major task, healthcare providers across the country rely on information from the CDC to know what to expect from the patient population in order to appropriately stock necessary supplies. To make matters worse, the shutdown occurred at the beginning of October, just about the time flu season was kicking into high gear.

To fill the void left by the CDC, athenahealth stepped in and used its resources to get the job done with the help of cloud computing. athenahealth, an electronic health record and billing management company, used its expansive online database to look at flu-related claims in real time in order to identify patterns regarding where outbreaks of the virus were occurring.

While there are other cloud-based services that perform a similar task, they often provide less precise information. Google Flu Trends, for instance, measures outbreaks based on flu-related searches in a certain area which can cause overestimates about the number of doctor's visits actually taking place. The results gathered by athenahealth's cloud database, on the other hand, were in line with previous CDC statistics, suggesting a high level of accuracy.

Cloud-based health initiatives gaining traction
Now that the shutdown is over, cloud-based tracking systems are still being utilized. This year, data gathered from electronic health records from across the country and stored in the cloud have made it possible for health professionals to see that early cases of the flu are beginning to occur more frequently. Because cloud-based data from EHRs tracks information collected during visits to the doctor, trends can be tracked on a daily, weekly, monthly or even yearly basis, allowing for a more accurate view of the trajectory of the virus. For instance, information gathered by athenahealth showed that patients visiting pediatricians that have been diagnosed with influenza-like illnesses increased almost 1 percent between Nov.9 and Nov.22.

A similar program by athenahealth subsidiary Epocrates was launched last year to provide doctors with important information about other kinds of health issues.  Called "bug+drugs," the program offers healthcare professionals a mobile app that uses de-identified patient data from the more than 43,000 providers using athenahealth's cloud-based software to help doctors identify antibiotic-resistant bacteria, like staph infections and E. coli, prevalent in their communities. The campaign is part of a larger effort to use the cloud to geo-locate specific health issues based on patients' ZIP codes.

While private, cloud-based healthcare companies aren't going to start taking over the job of the CDC, they are beginning to provide a larger number of services that benefit public health initiatives. Realizing the advantages of the help athenahealth provided while the CDC was unable to operate, the Ohio Department of Health now receives flu data from the company on a weekly basis. Other public health departments are utilizing the cloud to track the movements of diseases, and a variety of aid organizations in Africa are using the cloud to monitor the spread of the Ebola epidemic.

Aid workers fight Ebola with unified communications

/in , , , /by

As Ebola continues to spread across West Africa, the International Federation of Red Cross and Red Crescent Societies is partnering with Airtel, an Indian service provider, and the government of Sierra Leone in order to send health reminders through widespread text messaging campaigns.

Since last April, when the Ebola outbreak first began, officials have been utilizing the Trilogy Emergency Relief Application system to send nearly 2 million texts a month in the country. The messages provide the citizens of Sierra Leone with important health information and facts about Ebola to help educate the public, such as to avoid physical contact with others if they believe they have been infected, not to resist the aid of health workers in the area and other potentially life saving tips. The system is designed to send messages at off-peak hours to prevent network overload and recipients can opt out of the messages at any time.

Messages received by cell phone users include "People with Ebola who go to the health center early have a better chance of survival" and "Healthcare workers who take of Ebola patients have to wear protective clothes, do not be afraid of them." The service also allows text recipients to reply with basic health questions and receive and automated response regarding information about medical help, cleaning tips or treatment options.

Unified communications solutions have proved to be extremely effective in disseminating critical information during times of crisis. The TERA messaging system was also used in Haiti after the country's devastating 2010 earthquake and was first brought to Sierra Leone in 2013 to educate citizens about a cholera outbreak. Similar programs are used in the U.S. to send out information about severe weather or on college campuses to alert students about dangerous situations. 

Text messages reach a wider audience than emails
The messaging system was set up by the IFRC and is capable of sending a text to any cell phone that is turned on within a certain region. In areas like Sierra Leone, Internet access is not nearly as widely available as cell phone service and mobile phones are a vital lifeline for those trying to communicate with a large audience in the midst of a crisis. More than two-thirds of those in Sierra Leone have cell phone service, while only 9 percent have access to a 3G or cellular Internet plan, NPR reported. Because the messages are sent to cell phone users located in specific regions, the IFRC and Sierra Leonean Ministry of Health can tailor the texts to certain populations and provide regional advice.

In an interview with NPR, IFRC mobile operator relations officer Robin Burton noted that the system can also be used to make aid services more effective through feedback from recipients.

"We hope this will empower people to help themselves," said Burton. "They could send a message back to us saying, 'Thanks for the rice, but we have no way to cook it,' or, 'We don't eat pork here.' We call it beneficial communications because it helps everyone do better."

Burton also noted that the information sent in texts is saved on the phone and can be used for later reference, unlike information shared through the television or radio which is often quickly forgotten.

So far, more than 4,000 people have died as a result of the Ebola epidemic in West Africa, and the rapid pace at which is has been spreading in the region has spurred the Red Cross into expanding the messaging program to seven other countries in the area; Tongo, Mali, Benin, Ghana, Guinea Bissau, Burkina Faso and Gambia. Once the Ebola outbreak subsides, the TERA system will remain in use in those countries during natural disasters or times of conflict. 

Growing digital health market highlights need for secure data storage solutions

/in , , , /by

A recently released study by Juniper Research revealed that the digital health market is making dramatic gains, especially in the area of wearable tech and mobile phones. According to the report, applications targeting healthcare will be a driving factor behind the digital market for that industry reaching more than $3 billion over the next five years. The market is rising so fast, in fact, that other research has suggested it may grow to more than twice that size in an even shorter amount of time, with Visiongain predicting the market will be worth $6.7 billion by the end of this year.

Wearable technology has found its way into a variety of industries, but healthcare shows the biggest opportunity for success, according to the study. Healthcare apps are being widely adopted because of the myriad benefits they offer. Wearable health devices can collect a massive amount of user data that can then be analyzed to track trends in a variety of healthcare populations. Having the ability to connect smartphones and tablets to medical devices like heart rate monitors and blood pressure cuffs offers a variety of benefits, like improved in-home monitoring and an enhanced ability to screen for related health issues.

The report suggests that the advancement of electronic health records will create an enhanced and widened digital health environment, as the records can provide a baseline for mobile health databases.The data collected through healthcare applications can also be used to help reduce the price of medical insurance for users. Existing federal laws allow information gathered by wearables and mobile devices to influence the price of health insurance as long as they meet a predefined set of requirements that constitute an employee wellness program. However, now that the growing amount of personal medical data can be integrated into insurance information, it's only a matter of time before more modern frameworks is developed to utilize this new data.

Protect sensitive medial data in the cloud
As more hospitals and healthcare providers adopt the use of wearable medical devices, the ability to store and protect the vast amounts of information created will become a top priority. A reliable way to increase the security of sensitive patient data is to employ cloud storage services. Storing sensitive information in the cloud provides organizations automatic encryption, as well as disaster recovery solutions that ensure necessary data will be available even a primary system were to fail or be damaged. Cloud services are also a cost-effective solution, as they are easy to scale to meet needs. 

Cloud computing, virtualization offer benefits to healthcare industry

/in , , , /by

Recent advancements in technology have impacted every industry, but none more so than healthcare. The emergence of mobile devices like smartphones and tablets have influenced medical providers, as those devices are beginning to replace traditional monitoring and recording systems and allowing patients more flexibility in their treatment. The growing use of cloud computing has especially had an effect on healthcare, improving communication, data storage and ease-of-use.

One of the biggest advantages technology has brought to the healthcare industry is an improvement in the way doctors and patients communicate with one another. It can often be hard for patients to get ahold of their physicians, but with a variety of cloud communication options like voice and video conferencing, as well as technology focused solely on connecting doctors and patients, the burden is being eased.

Remote monitoring is another major benefit of the use of technology in medicine. Just as it can be difficult for patients to get in touch with their doctors, it can also be hard for many people to make it to the hospital at all. Home monitoring technology allows patients to use a small device designed specifically for their health problem from the comfort of their home. According to a report by Research and Markets, 2.8 million patients worldwide were utilizing home monitoring by the end of 2012. This provides patients with reliable care while reducing the cost of multiple visits to the doctor and lowering the risk of having to be readmitted. Readmission rates for cardiac patients using home monitoring dropped from 25 percent to just 2 percent, Becker's Hospital Review reported.

Cloud computing and virtualization are now also able to take remote monitoring one step further and provide patients with complete medical treatment from their homes using a telehealth platform. Just as home monitoring helped to reduce expenses, telemedicine is also cost-effective as it reduces travel times for patients and allows doctors to see more people each day. For patients living in rural or underserved areas, being able to have a doctor's visit over a video conference and receive prescriptions and medical records through a cloud-based portal is a dramatic improvement from having to travel long distances to see a physician, or not getting any treatment at all.

Increase in healthcare data breaches highlight need for improved storage solutions

/in , , , /by

While much of the news on cybersecurity and data breaches has been focused on attacks aimed at retail stores, security experts are increasingly warning healthcare organizations that hackers are more frequently going after targets in this $3 trillion industry.

In the underground market where cybercriminals sell their stolen goods, medical information can go for more than 10 times what credit card numbers are worth. Due to the high price medical records can fetch, attacks are increasing at an alarming rate. Just last month the FBI warned healthcare providers to be on high alert after Community Health Systems, one of the U.S.'s largest hospital operators was hacked and the information of 4.5 million patients was compromised. A recent study by the Ponemon Institute found that the number of healthcare organizations reporting a data breach is rising, with 40 percent of providers reporting an intrusion in 2013 as opposed to 20 percent in 2009.

Lack of awareness makes healthcare great target
As opposed to retail data breaches or personal identity theft, fraud involving medical information is rarely detected in a timely manner, making it more worthwhile for hackers to go after healthcare records instead of credit card numbers.

"As attackers discover new methods to make money, the healthcare industry is becoming a much riper target because of the ability to sell large batches of personal data for profit," said Dave Kennedy, CEO of TrustedSEC LLC in an interview with Reuters. "Hospitals have low security, so it's relatively easy for these hackers to get a large amount of personal data for medical fraud."

According to an FBI estimate, one medical record can sell for as much as $50 in an underground marketplace, in stark contrast to the few dollars a stolen credit card might bring in. Stolen medical information commonly on sale on the black market includes names, dates of birth, billing information, diagnosis codes and policy numbers. This data is then used by cybercriminals to create fake IDs in order to purchase prescriptions or medical equipment that can be resold, or to make phony insurance claims.

Low funding, high risk
One of the major drivers in the increase in healthcare data breaches is the recent switch to electronic medical records. In an interview with the Boston Globe, Beth Israel Deaconess Medical Center CIO John Halamka said that IT departments in the healthcare industry commonly receive between only 2 and 3 percent of an organization's budget, compared with the 20 percent offered to those in retail and financial industries, yet organizations are being forced to rely on technical solutions. Perhaps because of the lack of funding, a recent study by security firm BitSight Technology found that healthcare providers respond more slowly to data breaches than any other sector, compounding the problem.

The Ponemon Institute report found that the healthcare industry loses $5.6 billion a year due to security incidents. As cybercriminals continue to find more sophisticated attack methods and target larger amounts of information, healthcare providers will have to find a more secure way of storing their electronic medical records. A reliable way to protect patient data is to utilize cloud storage services. Data saved in the cloud can be easily encrypted and kept in a separate place from other enterprise information. Business continuity procedures are also improved by keeping health records in the cloud, as duplicate data can be stored offsite and kept safe in case a system is compromised or a disaster were to occur. Cloud services are a cost-effective storage option as they are highly scalable and require healthcare providers to only pay for the amount of service being used. This allows cash-strapped organizations to protect sensitive information without breaking the bank. 

Health workers look to the cloud to prevent infectious diseases

/in , , /by

As the cloud becomes more widely adopted, the uses for the technology continue to grow. One of the sectors where the uses for cloud computing are advancing rapidly is healthcare.

In hospitals across the country, doctors and nurses are operating over the cloud on virtual desktops in order to access their desktops wherever they are. With the use of virtualization, medical staff are able to access their computers from the nearest thin clients instead of going back to their offices. Not only does this improve patient care, as charts can be updated more quickly and checked more frequently, but less movement helps to stop the spread of infection and decreases contamination. Fewer doctors and nurses entering the rooms of highly contagious people means a lower chance of spreading the disease, and virtual desktops enable medical staff to continue treating patients with a minimal risk of contamination. 

Aid workers look to the cloud for data sharing
On a larger scale, the University of California, San Francisco is in the process of creating a cloud-based platform that would utilize data from the Google Earth Engine to provide health workers around the world with actionable information to predict areas where malaria transmission is the most likely. Google Earth Engine is an aggregator of trillions of satellite images dating back almost 40 years ago, paired with online tools to help researchers map trends, identify changes and quantify differences in the Earth's surface. The project is aiming to provide resource-poor nations with the tools to more narrowly and effectively target campaigns against malaria, which kills 600,000 people each year.

The new tool will look at the relationship between occurrences of the disease and environmental factors like rainfall. Maps of the local areas on the Earth Engine will also help scientists and aid workers learn more about what drives malaria transmission. The malaria prediction tool will also allow health workers to share their information from the field about where and when malaria cases have occurred. By combining real time information with satellite data on environmental conditions within Earth Engine, the tool will be able to pinpoint where new cases are most likely to emerge. With more specific locations of expected outbreaks, healthcare officials can distribute bed nets, spray insecticides and give medicines directly to the people who need them most. 

The cloud platform will be launched in Swaziland, but there are plans to make the tool available to workers within the Global Health Group initiative operating in other countries. The program's creators are also looking into adapting the platform to help predict other infectious diseases.

Cloud helps hospitals treat patients more effectively 
​Cloud-based medical programs are also being used in hospitals across the country, including Memorial Hermann Health System in Texas which recently launched a cloud platform that monitors patients for signs of infections. The technology monitors all of its hospitals' patients simultaneously and continuously for signs of sepsis, a life-threatening infection complication that affects nearly 750,000 people nationwide each year and has a 50 percent mortality rate.

The sepsis monitoring system uses precise calculations to detect signs of infection in patients and alerts staff when at least two signs have been found, including rapid breathing, low blood pressure or fever. The tool alerts medical staff to the infection and enables them to quickly begin procedures to treat the condition.

HealthKit, healthcare and managing BYOD

/in , , , , , , /by

As smartphones become faster and increasingly capable of running sophisticated applications and services, health care organizations are faced with a dilemma. Do they allow doctors, nurses and staff to participate in bring-your-own-device policies and potentially unlock productivity gains that enable higher-quality care? Or do they hold back out of legitimate concerns about data security and compliance with regulations?

The growing interest of technology firms in health care tracking only complicates the situation. Individuals may now use devices such as wristbands, in addition to smartphones, to record and share health information, making it critical for providers to keep tabs on BYOD activity to ensure compliance.

HealthKit and the larger issue of sharing health information
At this year's Worldwide Developers Conference, Apple announced HealthKit, a platform built into iOS that underscores how healthcare on mobile devices is rapidly evolving and sparking questions about how sensitive data is handled. HealthKit isn't a discrete solution but a system of APIs that would allow, say, an application that tracks steps to share its information with medical software that could provide actionable advice.

Major health care organizations are already on board. The Mayo Clinic created an application that monitors vital signs and then relays anomalous readings to a physician. Given the already considerable presence of mobile applications in health care, HealthKit could give hospital and clinic staff additional tools for providing efficient care.

At the same time, HealthKit turns any iOS device into a potential compliance painpoint. Data that is stored on an iPhone, for example, would not fall under the purview of the Health Insurance Portability and Accountability Act, but if shared with a provider or one of their business associates, HIPAA would likely apply. Stakeholders will need time to adjust to the nuances of how healthcare applications interact with each other in the HealthKit ecosystem.

"The question would be whether the app is being used by a doctor or other health care provider. For example, is it on their tablet or smartphone?," asked Adam Greene of Davis Wright Tremaine LLP, according Network World. "Where the app is used by a patient, even to share information with a doctor, it generally will not fall under HIPAA. Where the app is used on behalf of a healthcare provider or health plan, it generally would fall under HIPAA."

Tracking and securing privileged health information
HealthKit is just one platform on a single OS, but it is part of a broader shift in data control, away from centralized IT departments and organizations and toward end users. For healthcare, this change is particularly challenging since providers have to ensure that the same compliance measures are enforced, even as BYOD and cloud storage services become fixtures of everyday operation.

A recent Ponemon Institute survey of more than 1,500 IT security practitioners found that almost 60 percent of respondents were most concerned about where sensitive data was located. BYOD complicates compliance, and healthcare organizations will have to ensure that they have well defined policies in place for governing security responsibilities.

"People trained in security also view IT as accountable for the security domain," Larry Ponemon, chair of the Ponemon Institute, stated in a Q&A session on Informatica's website. "But in today's world of cloud and BYOD, it's really a shared responsibility with IT serving as an advisor, but not necessarily having sole accountability and responsibility for many of these information assets."

It's no longer enough to rely on IT alone to enforce measures. Security teams and IT must work together and implement BYOD security as well as network monitoring to ensure that only authorized devices can connect to the system, and that data is safely shared.

How BYOD can be made easier through desktop virtualization

/in , , , , , /by

 

Bring your own device policies, already buoyed by rapid uptake of smartphones and tablets, may gather additional momentum as prominent technology vendors devote attention to making mobile hardware valuable in the workplace. Dropbox for Business has made several big acquisitions related to BYOD, with the aim of helping businesses transition to multi-device, highly consumerized IT environments. Meanwhile, Apple has included advanced support for email, device enrollment and calendar collaboration in iOS 8, making the mobile OS more amenable to BYOD than ever.

It’s clear that BYOD isn’t going away. However, organizations are still adjusting to the new pressures that the phenomenon places on data control, security and compliance. While major firms continue to work on BYOD-centric solutions, enterprises have to assess their mobility needs and decide whether to implement measures such as desktop virtualization to enable BYOD.

Virtualization makes BYOD more secure for leading steel producer
The central issue with any BYOD policy is the transfer of control – over hardware, software and data – from the IT department to employees, who may be less scrupulous in terms of what applications they use. For example, files that should remain behind the company firewall may be shared with consumer-facing cloud services. Mobile devices enable such habits, even as they hold potential to enhance collaboration and remote work.

Fortunately, desktop virtualization facilitates a middle ground between BYOD adoption and enterprise security. Rather than let each endpoint have its own OS and applications, IT departments distribute a single desktop experience via a virtual machine. Devices connect to the VM securely and gain access to approved software. Data is not retained on user hardware after a session ends.

Essar Group, a conglomerate involved in steel, oil and telecom services, turned to desktop virtualization to standardize and secure its employees’ mobile experience when working with company assets. Ultimately, it moved 5,000 users to its new virtualized platform.

“Security of data was the primary point of scope for looking for [a] desktop virtualization solution,” Jayantha Prabhu, CTO at the Essar Group, told Dataquest. “We had a good experience of the ability to control the data at the disposal of the employee when we deployed the same for some of our teams which handled data which was very critical both from a confidentiality and a brand perspective. We had around 3,000 BlackBerry users and more than 2,000 people with tablets, and with all the applications being accessed on the tablets, it was tough to ensure security of critical information.”

Desktop virtualization is a powerful tool for securing data and controlling mobile devices, but its benefits don’t stop there. Other perks include:

  • Reduced power consumption through the use of thin clients (machines that depend on a server for most or all of their software).
  • Centralized management of software and devices, with much more efficient patch distribution and application upgrades.
  • Support for remote collaboration since users can get the same experience from any Internet-enabled device.

With a broad set of advantages for organizations in finance, healthcare, education and other sectors, desktop virtualization is a practical, versatile way to incorporate BYOD while maintaining the integrity of company data.

Unified communications solutions rapidly replacing legacy phone systems

/in , , , /by

Unified communications solutions are displacing legacy technologies with such speed that some industry observers have begun thinking about the end of the phone number. Facebook’s landmark $19 billion acquisition of WhatsApp – an ad-free mobile messaging service that relies on the user’s screen name rather than a phone number – underscored the rapid ascent of alternatives to the aging SMS/circuit-switched telephony infrastructure.

Chat apps overtake SMS, showing changing face of consumer and business communications
Last year, E.U. Commission vice president Neelie Kroes announced that OTT chat apps had overtaken SMS for worldwide messaging volume. While SMS likely isn’t going away just yet, much of the value in communications has certainly moved from basic services to richer platforms that make the most of high-speed data connections and provide amenities beyond text messaging and voice calling.

Consumer options such as Skype and LINE have become famous for video conferencing and stickers, respectively. Similarly, business-grade offerings often distinguish themselves by including data sharing and email services in addition to text and voice. Organizations across many verticals, including healthcare and education, have put UC to work as they modernize their IT operations. A managed services provider can help navigate the common obstacles that companies face as they move to

“Many of the benefits of unified communications center on internal productivity improvements, or the facilitation of collaborative working,” Liam Ward-Proud wrote for City A.M. “But [small and midsize businesses]  also face the challenge of managing numerous client contact points, and a total communications strategy can help ensure a consistent client experience is delivered.”

University of Washington remakes IT department with UC
Universities have been at the forefront of UC adoption as they adjust to the rapidly evolving communications habits of students. Take the University of Washington, which began planning its move from a legacy phone system to UC as far back as 2010, according to EdTech.

The institution began by overhauling its infrastructure, installing fresh switches to support a network that could handle converged voice and data. Since its systems served more than 22,000 users, upgrades were made in phases over the course of a few years, with medical call centers and campus public safety among the first to receive access to the new platforms.

The university’s UC systems grew to encompass voice, voicemail, chat and video conferencing. Down the road, it has its eye on video-as-a-service and additional cloud-based functionality. Indeed one of the underlying value propositions of UC is that it creates a clear pathway toward cloud computing. Many UC components can be hosted and managed by a third-party, freeing users from having to tend to their own infrastructure. Functionality can also be changed and scaled depending on demand.

In the University of Washington’s case, the rollout of UC is facilitating creation of hybrid cloud. Hybrid setups typically involve:

  • Some infrastructure that is managed in-house, often for reasons such as security, compliance, control and performance.
  • Other applications and resources – for computing, networking and storage – that are piped in from an external provider.
  • APIs and mechanisms for determining what gets run where and when. For example, a workload that is running internally but requires more capacity can be shifted to public cloud infrastructure.

For the university, some assets will be kept on-premises while software is increasingly shifted to the cloud for greater availability.

“Right now, people can use the features in Microsoft Lync, such as chat, voice, video and conference sharing, on a peer-to-peer basis,” Roland Rivera, director network strategy and telecommunications for the university, told EdTech. “Our goal is to provide these capabilities campus-wide. As the technology evolves, we plan to keep the [session initiation protocol] core in-house, but migrate applications to software-as-a-service cloud solutions as those become available.”

Healthcare providers turn to network security, desktop virtualization to protect data

/in , , /by

There's plenty of work to do in shoring up network security at healthcare organizations. While the retail sector has been been making headlines for months due to oversights that led to record-setting breaches at Target, Neiman Marcus and Michaels, hospitals and clinics may be even more vulnerable to attack than these chains, even if they haven't been the subjects of similarly high-profile incidents yet.

Healthcare lags retail, finance in network security
A recent report from BitSight Technologies rated the security postures of different verticals on a scale from 250 to 900 (a higher figure means stronger protection). Healthcare received a 660, falling well behind retail at 685, with utilities and finance even farther up the ladder.

"Unlike the financial institutions and electric utilities in the S&P 500, the healthcare and pharmaceutical companies do not view cybersecurity as a strategic business issue," stated the authors of the BitSight report, according to Cruxial CIO. "They do not spend enough resources to protect their data, in part because cybersecurity has not received the executive level attention it deserves."

The results are surprising in light of how many regulations, including the Health Insurance Portability and Accountability Act, govern healthcare data. Security firm Redspin estimated that nearly 30 million records have been compromised in HIPAA breaches since 2009, and that the yearly total rose 138 percent between 2012 and 2014.

Mitigating risk with managed network security and virtualization
To avoid becoming victims, organizations can rely on a managed services provider to install and oversee mechanisms that shield important assets from surveillance and theft. Core capabilities may include:

  • Dedicated private IP networks that carry encrypted data
  • Secure remote access and collaboration
  • Network authentication and integrity checking
  • Firewalls for MPLS IP-VPN
  • Around-the-clock security management

These fully-featured solutions have become increasingly appealing to healthcare providers, especially as initiatives such as bring your own device and technologies like cloud computing have revolutionized IT. Administrators may no longer feel confident in their networks' safety in the face of threats that could enter from any one of many possible attacks surfaces, including smartphones or unauthorized cloud apps.

Health IT Security's Patrick Oullette chronicled how one healthcare security executive had recalibrated his organization's approach to network security in order to deal with today's threats and usage habits. In practice, this shift has entailed moving beyond data loss prevention and incorporating exfiltration techniques to keep tabs on device activity and traffic flows across the entire network.

"We also have a robust data exfiltration capability that we've instituted at the core of the network and the perimeter so we can watch data flows," David Reis, vice president at Lahey Health, told Health IT Security. "Looked at that way, it becomes illuminating pretty quickly and easy to flesh things out. You ask where the data is moving in and out from, what devices are plugging in and out and what users are doing once they're plugged in."

The adoption of advanced network security measures is promising, especially in light of the healthcare sector having accounted for 43 percent of all breaches in 2013, according to the Identity Theft Resource Center. On this same front, healthcare providers are implementing technologies such as desktop virtualization to bolster security.

Virtual desktops are appealing to hospitals and clinics because they involve little more than dumb terminals, to which operating systems are supplied from remote server. Accordingly, there's less risk of misconfiguration or data theft than with a machine that was running a locally installed OS. Speaking to Health IT Security, Chris Logan, chief information security officer at Care New England Health, described desktop virtualization as "a huge win for security."