12 Questions Keeping Healthcare Leaders Up at Night
BY BRYAN SCHEETZ, DIRECTOR, HEALTHCARE VERTICAL at MCPc
No industry has experienced more change than healthcare in the past decade.
2009’s Health Information Technology for Economic and Clinical Health Act (HITECH) promoted the adoption and meaningful use of health information technology. HITECH also created a $27 billion incentive program to hospitals and providers that adopt electronic medical record systems.
The financial incentive has been effective in quickening the pace of adopting electronic medical records (EMR). The use of EMRs increased from 40% of providers in 2009 to 90% of providers in 2015.
However, HITECH’s incentives rewarded adoption strategies focused on the speed of EMR integration, often at the expense of developing new asset management, cybersecurity and governance policies required to securely and sustainably operate a health system after its digital transformation.
The lack of maturity around healthcare asset management and cybersecurity, combined with the high cost of regulatory non-compliance (financial and brand damage), create a management nightmare.
Today, healthcare executives who sleep well at night are few and far between.
If you are sleeping well, consider the following questions:
- Is data for your hardware and software assets aggregated in a single database – do you have a single source of truth?
- Do you feel that your asset data is complete and accurate?
- Security status
- Patch compliance
- Software entitlements
- Warranty entitlements
- Last time the asset accessed the network
- Are you regularly reclaiming hardware and software assets that aren’t in use?
- How do you protect data on a device once it’s been retired from service and drops off the network?
- How do you protect devices that travel outside the boundaries of your hospitals four walls?
- How do you protect devices living at the edge of your network?
- How do you prove performance for compliance and security today?
- If a physician’s device fails, how long does it take to get them working again?
- How do you protect a broken device through the repair process?
- During a refresh, how well does IT balance deployment responsibilities and normal service ticket resolution?
- How does the user experience change during a technology refresh?
- How does the patient experience change during a technology refresh?
If you struggled with these questions and if you toss and turn worrying about a breach, you are not alone; however, HIPAA holds all providers accountable whether they have answers or not.
MCPc has a long history of developing managed heath IT solutions that protect data, mitigate risk, manage compliance, maximize user experience, and optimize total cost of ownership for our clients.
Another outcome we provide: a better night’s sleep.
Bryan Scheetz, Director, Healthcare Vertical at MCPc
Email: [email protected]