Questions tagged [healthcare]

17 questions
36 votes, 6 answers

What are the purposes of these security policies?

I work at an IBM lab and there are some security policies that I do not understand the point of. When I ask why we do them my boss simply says it's policy and avoids answering the question. We must keep empty drawers locked. When we leave work we…
23 votes, 10 answers

In Healthcare IT, is a "break glass" mode to bypass access controls commonly required?

I've seen referenced in literature the need to have a "break glass" mode in Healthcare IT applications. In this mode, the access controls in an application can be bypassed for an emergency when it is critical for a user to gain access to imaging…
Steve Wranovsky
20 votes, 4 answers

Protecting Health Care Database

I am doing a minor project on information security in which I am implementing techniques listed below to protect a HEALTH CARE database. Preventing SQL Injection (using prepared statements, validating, using a tokenization algorithm) Preventing CSRF…
Shubham Gupta
13 votes, 5 answers

What is the risk of giving USB drives as promotional items by a healthcare provider

There have been a couple of instances where malware infected USB drives have been given away unknowingly as promotional items at conferences, e.g., IBM in 2010. Besides this, if a healthcare company were to give away "branded" USB drives, what…
13 votes, 2 answers

Best practices for implementation of role-based access control in healthcare applications

Amongst the open source EMRs, which ones may be good to learn from? Any references I can go to as a starting point?
Ming K
12 votes, 5 answers

What would be a good way for a doctor to send xrays encrypted to another doctor?

As a dentist, I often want to send medical information including digital xrays to another doctor. What would be a good/easy way to do this encrypted? Our organization currently requires that all such sent information be encrypted. Their current…
Ken Wylie
7 votes, 1 answer

Healthcare company uses keyloggers for security purposes. Is this normal?

I just attended a recruitment session for a major healthcare provider in the United States. The presenter, a high-ranking member of one of their IT divisions (not security specifically) mentioned that they use a lot of security software on their…
ndm13
7 votes, 3 answers

Active measures against lost or stolen PDAs in healthcare?

Many physicians, nurses, and technical staff like to carry PDAs to be kept abreast of patient conditions. Various companies want caretakers to view ECGs on their iPads. Due to the incredibly private nature of medical records and data, if such a…
jonsca
6 votes, 2 answers

What issues exist in generating a signed, paper-based PGP message stored by a hostile organisation?

I have recently been the victim of having my medical record tampered with by the organisation holding it. Under state law I have a legal right to submit information to be included in my medical record, but I cannot request any information to be…
4 votes, 2 answers

Anthem Leak - How do I find out if I'm affected?

Recently, Anthem (A health insurance company somehow associated with Blue Cross Blue Shield and potentially other insurance providers that I am unaware of) was the victim of a large data breach. I've seen reports that Anthem had a vulnerable…
Fernando
4 votes, 1 answer

Encrypt Medicare card number in C# in ASP.NET

I am giving a free consultation for a non profit organisation that wants a simple system to manage multiple groups with a schedule component, etc. and also manage the medical information of the kids. It's all in an Excel file but the problem is, it…
metraon
3 votes, 1 answer

Solution for Enterprise SW Eng. with Github and NPM

Can anyone share an architecture or framework that supports the use of Open Source software in enterprise software development environments? I'm seeking solutions to manage and mitigate the risk of compromised libraries and dependencies in CRAN and…
Colin
2 votes, 2 answers

How to get medical vendors to take security seriously?

I work as a CISO/Director of Cybersecurity for a large hospital. My background is in penetration testing, but I'm fairly new (a couple years) to the healthcare side. The challenge that I and almost every healthcare security exec faces is securing…
SomeGuy
2 votes, 1 answer

UK healthcare encryption obligations

I'll soon be working on upgrading a system which contains a MySQL server and Redis server on AWS. It works by querying two entire tables, decrypting all of the contents and then putting the result in Redis, the application then queries Redis from…
arcanine
2 votes, 1 answer

Shared floor space, cameras and HIPAA compliance

I am a compliance associate at my company, which is a small call center. My problem is that two of our clients will have to share floor space. One client is tech support for high-end action cameras, while the other is a healthcare account that deals…
Dadfia