Guest Column | April 11, 2014

Cyber Surveillance: 4 Things Every Healthcare Solutions Provider Should Know

Gaby Friedlander, Observe IT

By Gaby Friedlander, ObserveIT CTO

Here are some sobering facts for anyone who used the U.S. healthcare system in 2013:

  • 21.7 million patient records were exposed in data breaches
  • 847,667 records were exposed in Q1 2013 alone
  • 94 percent of hospitals have been exposed by a breach in the past two years
  • 85 percent of breaches caused by vendors are due to either negligence or lost or stolen devices
  • 54 percent suffered multiple breaches by third parties

These numbers, provided by Experian, show that hospitals must evolve their cybersecurity to match the security standards and procedures they have developed and honed for their physical facilities. One key aspect of their physical security is 24/7 video surveillance: the ability to see who did what in their hospitals and the ability to go back in time to investigate incidents is an absolutely essential component of their security procedures. Healthcare providers need this same capability with regard to their critical IT and records systems which hold the most critical data of all — patient records. User activity monitoring is the technology that enables healthcare providers to do this.

By adopting user activity monitoring, healthcare providers can record every action of users that are accessing sensitive data, essentially providing them with cyber surveillance to match the video surveillance they have in the physical world.  The captured actions are recorded and can literally be played back just like a DVD with the ability to back in time.  This video recording of actions is also complimented with searchable, human readable meta-data that summarizes the user’s actions.

Cyber surveillance based on user activity monitoring is new to most organizations. Here are four things every healthcare organization should understand about user activity monitoring:

  1. It’s not a luxury item. User activity monitoring might seem best suited to only the largest of healthcare organizations, but as the numbers above illustrate, any healthcare organization could be the target of online criminals. Similarly, no healthcare firm is immune from human error, the number one cause of data leakage. In both instances, the ability to quickly determine the exact cause of an incident is not a nice-to-have; it’s essential.
  2. Video surveillance cannot stop a crime, but it can deter it. On-site video cameras cannot guarantee a facility will be safe and neither can user activity monitoring. What cyber surveillance can do is deter illegal behavior by reinforcing in the minds of users that their actions are being monitored. This is especially true for privileged users, those with open access to the most critical systems and data.  
  3. It will shorten an audit. Earlier this year, the Department of Health and Human Services announced that HIPAA audits would increase in frequency in 2014, and so far, they have held true to their word. While the number of audits can vary, user activity will minimize the amount of time each audit requires of staff. By providing regulators with easy-to-consume video recordings of suspicious activity — instead of deciphering complex logs and code — the time-costs of an audit can be reduced significantly.
  4. It can monitor the cloud. One of the great debates in healthcare technology these days is that of cloud computing. While some organizations have declined to make the switch due to concerns over data security and loss of control, most have either already adopted cloud in some capacity, or are in the process of doing so. It’s important for the latter group to remember that while the cloud might provide encryption, anti-virus, key management, and other known security features, it is not impervious to security breaches, nor does it help with fast response should a data breach  incident occur. Fortunately, user activity monitoring is easy to deploy in both on-site and cloud-based servers.

If an unauthorized person enters a healthcare facility and starts to vandalize or steal equipment, these actions would be caught and detected on video, and security officers and police would react in minutes.  Now image a criminal sitting halfway around the world, hacking into your client’s patient record database. User activity monitoring-based cyber surveillance enables you to record and see every action that hacker is taking in the same video and detect it as soon as it happens.

Gabriel (Gaby) Friedlander is the co-founder and the heart of ObserveIT.  He is the major force driving both the product roadmap as well as the business direction. Currently, in his position as the CTO and co-founder of ObserveIT, he focuses on sales and business development, with an emphasis on face-to-face customer activity. Ultimately, he is instrumental in ObserveIT's growth and development into the leading provider of enterprise-level user activity monitoring and auditing software for Windows, Unix and Linux platforms. Friedlander is the main presenter for all events for ObserveIT. He has presented to customers, resellers, and partners throughout the world in over 25 countries.