The Evolution of Healthcare IT for the Small Practice

The Evolution of Healthcare IT for the Small Practice

Protecting PHI requires constant vigilance and it’s the responsibility of all vested parties to ensure the best practical technologies are being used. Whether you’re a solo practitioner or a large hospital, security is only as good as the weakest link. In todays connected health ecosystem, that weakest link extends beyond the boundaries of an individual network to include multiple external organizations. For example, a hospital that provides interfaced connectivity to physicians, labs, imaging centers, and more, exposes itself to the security practices at each of those facilities. One poorly thought out or mismanaged network can become a hackers access point to the entire ecosystem. Additionally, this exposure includes business associates that maintain access to their clients networks. Keeping this ecosystem protected will become an increasingly higher priority for all vested parties as both enforcement and attacks continue to climb.

Since small practices can’t invest the resources into their IT infrastructure that most hospitals can, they’ll be a focal point for gateway attacks. Hospitals will soon recognize this vulnerability and start demanding more accountability from their connected partners. Some hospitals may go so far as to offer IT services to their partners, while others may begin vetting IT vendors capable of meeting the higher level of scrutiny.

Regardless of who initiates it, small practices can expect the larger organizations in their ecosystem to begin encouraging them (and I’m saying that politely) to move towards professional IT management with companies that have experience within healthcare, HIPAA compliance, and advanced security configurations.

by Jeff Mongelli