Securing Personal Health Information
By Victor Pytleski, CIO, MedRisk, Inc.
The biggest trend in healthcare database management is the security and encryption of data. MedRisk, a managed care company that provides physical medicine and diagnostic imaging services for injured workers, manages databases of protected health information (PHI) for workers’ compensation insurance carriers and other payers. Protecting PHI is a top priority.
As recently as eight years ago, protecting health records was mainly an operational function. You didn’t leave paperwork with Social Security numbers lying around on your desk or keep your workstation open to health records. Identity theft wasn’t that big of a problem, and the focus was on protecting one person’s data.
Today, as the world moves so heavily into the online and cloud space, breaches threaten the entire database and can compromise the PHI of thousands of people. News coverage of major data breaches and regulatory changes have pushed data protection to the forefront of healthcare companies’ IT priorities. It is therefore not surprising that customers have become laser-focused on security and the protection of PHI.
Key Customer Concerns
MedRisk meets regularly with its customers to evaluate the security used to protect data and information. The customer typically brings a list of questions, best-practice criteria and concerns. Invariably, database and network security tops the priority list, followed by system resiliency and redundancy. Customers are especially concerned about how the data is protected both when it is resident and being used in the operating environment and when it’s at rest.
Tips and Recommendations
• Database and Network Security
Operational staff members need to work with the PHI, so data must pass securely to operational applications in a “for-your-eyes-only” environment, requiring a secure exchange of data between an application and the database. While there is some inherent security in that exchange, adding field-level encryption in the database and decrypting during the transfer through to the application on the floor should be the goal when dealing with PHI.
Using 128-bit or 256-bit encryption helps ensure data is protected at rest; decrypting that data when it is accessed adds a good additional layer of security for PHI. This type of security can be localized and used specifically for PHI, versus using self-encrypting databases that expand protection to the entire database and can be more costly.
For the exchange of data between entities, key encryption, such as PGP (Pretty Good Privacy) file encryption, coupled with a secure transfer method like SFTP is a good strategy.
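The field-level approach described above, shown as an added example (not MedRisk's code and not part of the original article): one PHI column is encrypted before storage and decrypted only on the application read path. AES-GCM from the Go standard library is this example's choice of cipher; the function names, record IDs, sample value and all-zero demo key are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// newGCM builds AES-GCM; aes.NewCipher rejects keys that are not 16, 24 or 32 bytes.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealField encrypts one PHI column value before it is stored as a BLOB. Record ID and
// column name are bound as associated data, so a blob copied to another row or column fails.
func sealField(key []byte, recordID, column, plaintext string) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce for every write
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, []byte(plaintext), []byte(recordID+"|"+column)), nil
}

// openField is the application-side read; it errors on a wrong key, tampering or a moved blob.
func openField(key []byte, recordID, column string, stored []byte) (string, error) {
	gcm, err := newGCM(key)
	if err != nil || len(stored) < gcm.NonceSize() {
		return "", errors.New("bad key or malformed field ciphertext")
	}
	n := gcm.NonceSize()
	plain, err := gcm.Open(nil, stored[:n], stored[n:], []byte(recordID+"|"+column))
	return string(plain), err
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key; real keys come from a KMS or HSM
	blob, _ := sealField(key, "claim-1001", "ssn", "000-00-0000") // constructed sample row
	fmt.Println(openField(key, "claim-1002", "ssn", blob))        // wrong row: authentication error
}
```

Only the columns that hold PHI pass through these functions, which is what keeps the protection localized rather than database-wide.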
• Protecting Data at Rest
Protecting data at rest is a growing demand in the healthcare space, and there are a number of data-at-rest security solutions. These include software and hardware solutions that automatically encrypt data and backup programs that encrypt during the backup and/or keep the backup encrypted. The goal is to choose the right solutions for your needs and the needs of your clients. Most importantly, make sure that you are identifying the PHI you are housing and using multiple layers of protection.
• Resiliency and Redundancy
The resiliency and redundancy of the databases and environment are nearly as important to healthcare companies as data security. As most of us know, resiliency refers to the strength of the system and its resistance to going down. Check for multiple power supplies, generators that automatically kick in with no interruption during complete power outages, and multiple internet pipes and networking routes into the database environments.
Redundancy means the existence of all these things, especially the data, in multiple places. If a hurricane or earthquake takes out the first data center (resiliency fails), redundancy takes over. Everything exists in a pure format and can be accessed from another location. In addition to the protections on the security of the data in your environment, you need to make sure that your disaster recovery plan is in order and tested on a regular basis.
Some companies turn to cloud solutions, which can be great for resiliency and redundancy. Obviously, you need to conduct due diligence to make sure data storage facilities meet your requirements, and you should consider the long-term cost. In environments where data continues to expand, the cloud can end up being more expensive than replacing internal solutions for the same storage. Plus, extracting yourself from that cloud solution if the price exceeds the budget may prove extremely difficult.
Constantly testing the system and recovery plans and running regular penetration tests against the networks and databases also help to proactively address any issues.
At MedRisk, we see data protection as an extension of our customer service, just like our commitment to get injured workers to the right provider at the right time for the right care. Working with our customers to evaluate and discuss security helps to expand and further define customer needs. This enhances customer relationships even as it supports the resiliency, redundancy and security of our systems.