One CIO’s call to action
December 13, 2012 in Medical Technology
As Tim Zoph sees it, it’s decision time for patient data security — a defining moment for “one of the issues of our time in healthcare,” that demands healthcare leaders everywhere step up.
Zoph, CIO of Northwestern Memorial Hospital in Chicago since 1993 and a CHIME/HIMSS CIO of the Year, headlined the Healthcare IT News and HIMSS Media Privacy Security Forum Dec. 12 in Boston.
He drew analogies to New York City hospitals during Superstorm Sandy, and he brought cardiologist and geneticist Eric Topol, author Jim Collins (Good to Great, How the Mighty Fall) and the popular television series Homeland to bear on his call for leadership.
As Sandy pounded Manhattan Oct. 29, two hospitals – NYU and Bellevue – had to reverse their decision to shelter in place, and instead had to evacuate patients.
“The biggest question for these institutions at the time was, ‘are we prepared to go,” Zoph said.
“Are our patients confident in our ability to manage their healthcare information for them?” he asked the audience. “The perils are there. It’s time to take stock of do we stay or do we go.”
In the Homeland episode “Broken Hearts,” the character Nicholas Brody kills his political nemesis by hacking into his pacemaker. It’s just a TV show, but Zoph found the scenario plausible for comfort.
“Fact or fiction?” he asked holding up a black box – a wireless transmitter used to give instructions to pacemakers. “What do you think?”
“The health benefit of these (pacemakers) are significant,” Zoph said, “but the fact is they’re not secure. We’re starting to attach them to electronic health records, and they’re not secure. We’re not doing it with security in mind.”
Even as technology and mobility offer more promise than ever before, they also pose additional dangers.
[See also: Biggest data breaches of 2012.]
“The most natural device in healthcare is one that’s mobile and always on,” Zoph said, referencing Topol. “We’ve always wanted to do it this way. As patients now have mobile devices they are being empowered to do a lot of things – they are now empowered to make decisions about their health.”
At Northwestern Memorial, Zoph counted 300 connected devices in 2009. Today there are 2,500. With new buildings in the works, everything will be mobile, everything will be connected, he said. For all the advantages that brings, there is the threat of more security risks.
It is why healthcare leaders must begin now to build a culture of security, he urged, and it has to be a team sport. It can’t be relegated to the security department or the technology team.
Article source: http://www.healthcareitnews.com/news/one-cios-call-action