Healthcare Security is Scaring Hospital CIOs

This post is sponsored by Samsung Business. All thoughts and opinions are my own.

Coming out of the CHIME CIO Forum, I had a chance to mix and mingle with hundreds of hospital CIOs. There was one major theme at the conference: security. If you asked these hospital CIOs what was keeping them up at night, I’m sure that almost every one of them would say security. They see it as a major challenge and the job is never done.

I had more than one CIO tell me that breaches of their healthcare system are going to happen. That’s why it’s extremely important to have a 2 prong security strategy in healthcare that includes both creating security barriers and also a mitigation and response strategy.

One of the most challenging pieces of security identified by these healthcare CIOs was the proliferation of endpoints. That includes the proliferation of devices including mobile devices and the increase in the number of users using these technologies. There was far less concern about the mobile devices since there are some really deeply embedded software and hardware security built into mobile devices like Samsung’s Knox which has made mobile device security a lot easier to implement. The same can’t be said for the number of people using these devices. One hospital CIO described it as 21,000 points of vulnerability when he talked about the 21,000 people who worked at his organization. Sadly, there’s no one software solution to prevent human error.

This is why we see so much investment in security awareness programs and breach detection. Your own staff are often your biggest vulnerability. Training them is a good start and can prevent some disasters, but the malware has gotten so sophisticated that it’s really impossible to completely stop. That’s why you need great software that can detect when a breach has occurred so you can deal with it quickly.

On the one hand, it’s one of the most exciting times to be in healthcare IT. We have so much more data available to us that we can use to improve care. However, with all that data and technology comes an increased need to make sure that data and technology is kept secure. The good news is that many hospital boards have woken up to this fact and are finally funding security efforts as a priority for their organization. Is your organization prepared?

For more content like this, follow Samsung on Insights, Twitter, LinkedIn , YouTube and SlideShare.

About the author

John Lynn

John Lynn

John Lynn is the Founder of the, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference,, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.


  • No matter how good the electronic security systems are, hospital staff also need to STOP talking about patients in the cafeteria, elevator, parking lots, and lobbies. In spite of 20 years of HIPPA it still happens…

Click here to post a comment