With our Healthcare Data Threat Report announced just this week, I was not surprised to see that one of our key findings aligned with the topics being discussed at the HIMSS conference. Based on my observations on the exhibit floor as well as my conversations with healthcare IT professionals and security consultants, one key theme from the report bears out: When it comes to protecting electronic personal health information (ePHI), the focus for many healthcare IT teams is still on traditional security measures.
For example, I spoke with a handful of consultants who help healthcare networks assess and improve their risk postures. All of them agreed that the tools of choice are network and endpoint security tools – i.e. firewalls and antivirus solutions. Accordingly, network and endpoint security messaging was well represented in the exhibit hall.
When it comes to advanced data protection measures like data encryption with strong key management, consultants encourage the use of such measures to render breached data unusable. But IT teams see it as a “to-do,” not a top priority – or they have the perception that it will be too difficult or slow down workflows. In instances in which an organization does use built-in database encryption, the security team doesn’t always have a solid grasp of key management, and so they may have a false sense of security.
Two other trends that are particularly exciting to us at Thales e-Security are:
I look forward to seeing how the rest of 2017 plays out and how these trends will impact the 2018 HIMSS conference. I suspect that both the cloud and IoT will be widespread across the educational agenda and on the exhibit floor.