Strategies for Healthcare Security and Privacy: White Paper

Rising Risks, Greater Threats, Limited Budgets
Improving the quality and reducing the cost of patient care depends on digitizing healthcare workflows and moving to electronic patient records. These records are a type of sensitive information, also referred to as electronic Protected Health Information (ePHI). Sensitive information in electronic form presents new vulnerabilities compared to pape...r-based equivalents. The security and privacy risks associated with sensitive information are increased by several growing trends in healthcare, including clinician mobility and wireless networking, health information exchange, cloud computing, “bring your own computer,” and the use of Personal Health Records (PHRs). The sophistication of malware and security threats is increasing. Compounding these challenges are the limited budgets that healthcare organizations typically have available to mitigate risk, coupled with the rising consequences of failure to safeguard sensitive information.

This whitepaper describes an industry-standard approach that healthcare organizations can use to assess risks, and identify security and privacy needs. We also share a multilayered, defense-in-depth strategy that can help healthcare organizations mitigate risks throughout the threat lifecycle to protect the confidentiality, integrity, and availability of sensitive information. With this foundation in place, we discuss specific security and privacy needs for healthcare organizations and describe several Intel® technologies that can help address these needs:
• Mitigating loss or theft of sensitive information
• Protecting sensitive information at rest, in transit, and in use
• Protecting access to sensitive information with strong authentication
• Improving security and privacy policy compliance.

Read the full Strategies for Healthcare Security and Privacy White Paper.