By Mac McMillan | Advance for Health Information Professionals


CynergisTek CEO, Mac McMillan recently wrote an article for Advanced for Health Information Professionals titled, “When Important Assets Go Missing” that reviews what is truly at stake and how to handle such an incident. McMillan looks at the common epidemic of an employee losing or having a device stolen that attributes to more than 40% of reportable breaches.

Everyone knows that the increasing number of mobile devices and the consumerization of IT in the enterprise creates endless security challenges. Now traditional strategies such as relying on user ID and passwords no longer provide the same amount of protection as they did when devices and network access were confined within the four walls of an organization. It is time to change the way we think. McMillan says, “We need to rethink how we deploy information assets and how we make information available.” The first step is to consider how/where sensitive data is present and permit access to it. We need better data management. McMillan suggests, “using techniques like properly segmenting critical assists, virtualizing workstations or mobile devices, employing data loss prevention technologies or encrypting assets.” Mobile devices will only continue to saturate healthcare organizations, as users want ubiquitous access to information.

Next, McMillan looks at what to do when one of those crucial devices is stolen or lost and provides a guidance list:

Protecting your assets is crucial to your security program. You need to keep any information assets accountable, have physical controls in place for the devices, have technical controls in place to defend your sensitive data from compromise, and have controls in place that can help if a device is lost or stolen. With the high costs of a breach, it is important to secure your assets.

Click here to visit Advance for Health Information Professionals website and read the entire article.