December 13, 2017 By Grace Murphy 2 min read

Medical professionals now store, manage and share far more medical images than ever before. Picture archiving and communication systems (PACS) and cloud-based vendor-neutral archives (VNAs) enable health care practices to provide end users with access to medical images anytime, anywhere.

However, cybercrime poses a significant risk to the security of this protected health information (PHI). The exponential increase in connectivity and data will only continue, and while new technologies have improved performance, the attack surface has expanded concurrently.

Securing Health Care Infrastructures

The piecemeal nature of many existing health care infrastructures can leave data vulnerable to security breaches. This vulnerability, if exploited, can prove disastrous to patients concerned about their privacy and significantly damage the reputation of the affected organization.

Health care entities must implement more comprehensive, integrated security solutions to help address security compliance and reporting mandates. These solutions should:

  • Protect PACs and VNAs from external threats.
  • Secure PHI from internal attacks and leaks.
  • Generate audit reports using as much automation as possible.

Learn how New technologies help health care systems better protect and manage the imaging deluge

New technologies can help protect imaging data and files while automating workflows in accordance with regulatory requirements. They accomplish this through the discovery and classification of sensitive data, vulnerability assessments and file activity monitoring.

These technologies can help organizations detect threats, identify suspicious activity and block unauthorized access.

Source: IBM

Protecting Medical Images With Guardium

Solutions such as IBM Security’s Guardium Data Protection for Databases and Guardium Data Protection for Files can deliver significant benefits to imaging centers, providers and other health care systems that use PACS and VNAs to store and share medical images. Guardium can help identify security risks that might otherwise contribute to a potential or actual breach. The solutions are designed to help detect security breaches associated with multiple failed attempts to log in to an imaging organization’s databases and files. It can then deactivate associated accounts to make it more difficult for fraudsters to gain access.

In addition, these solutions are designed to prevent database access from outside applications and to alert administrators of potential intrusions. In doing so, the Guardium product set can help organizations prevent PHI from being shared with or accessed by unauthorized parties. It can also support the creation of policies that health care organizations can map to Health Insurance Portability and Accountability Act (HIPAA) standards.

Learn More

To learn more about how IBM Security can deliver integrated systems of analytics and defense capabilities in near real time to better secure your organization’s data, read our white paper, “Aggregate, Protect, Share: New Technologies Help Health Care Systems Better Protect and Manage the Imaging Deluge.”

More from Data Protection

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today