Imprivata’s Geoff Hogan authored an article for Security Technology Executive last month titled, “Passwords in Peril” that delves into the password management conundrum that organizations face with the growing number of applications that employees use daily. While the article summarizes succinctly the helpdesk costs issue, employee productivity and the data security vulnerabilities that a runaway password management problem causes, it also highlights effective single sign-on (SSO) strategies and tactics to overcome these challenges. I wanted to take this opportunity to pull out a couple of SSO and Password Management best practices that Geoff covered, while adding a couple more...

The right single sign-on (SSO) solution can resolve your password management issues. However, some SSO solutions raise as many issues as they promise to solve—the cost of purchase can be quite high, and the complexity of implementation and management can overwhelm IT departments. As you start your SSO vendor evaluation process, it’s important to know what questions to ask to ensure that you have a thorough understanding of the complete solution including product features and functionality, implementation and deployment, and ongoing management. Sample questions across important categories include...

The HIMSS Virtual Conference occurred this week, covering myriad of topics ranging from Electronic Health Records (EHRs), impact of the HITECH Act, workflow optimization as well as privacy and security in the cloud for healthcare systems. One presentation that readers of this blog may find useful was that from Box Butte General Hospital on Nov. 4 at 9:00am CT (you can register on the site for access; HIMSS members can already access it online). Here’s a brief synopsis from the session description highlighting what was covered in the presentation...

This week, I took part in Network World’s annual real-life scary security stories podcast, a panel hosted by Keith Shaw that looks at some of the most frightful security incidents over the past year. This year, I focused on some of the data security incidents that are becoming all too common in the healthcare industry.

Back when this blog was in its infancy, we outlined a number of identity management resources that readers should check out. Those blogs are still on the “must-read” list, but there are a number of new ones that have popped up that people interested in identity and access management may find useful...

I read a good article on FierceEMR recently surrounding a PricewaterhouseCoopers survey on electronic medical records (EMRs) that indicated that the secondary use of this information may be an organization’s greatest asset over the next five years. An overwhelming 76 percent of respondents agreed, and pointed to the abilities for mined data to decrease healthcare costs, predict public health trends and improve patient care. EMRs, with vendors such as Allscripts, NextGen and QuadraMed blazing the trail, have been a huge focal point of healthcare payers and providers, pharmaceutical companies and the general public with healthcare reform a primary platform of the Administration.

I just left the annual Cerner Health Conference in Kansas City, where clinical and technical users of Cerner software gather to share ideas, best practices and technology solutions that are molding the future of healthcare.

This week I had a chance to talk with Network World’s director of programming Keith Shaw about the various ways that employees breach data security – both intentionally and inadvertently. The podcast interview captures a number of ways that employees breach enterprise security, whether by accident or with malicious intent. Here are some of the highlights...

Khalid Kark of Forrester Research recently issued a useful whitepaper that outlines the security reforms needed to improve patient data security in the healthcare industry. The whitepaper highlights four key reasons why healthcare organizations are failing behind on security. Khalid provides a comprehensive set of recommendations to help healthcare organizations address these challenges – these are near and dear to what we do here every day. I thought I would share some of the insights gathered from work with our many healthcare customers.

I am currently at the Insight 2009 Annual Conference in Orlando, where 1,200-1,400 attendees are converging to learn and build relationships centered on their McKesson healthcare IT systems. Users are hearing details of new product enhancements and integrations, learning best practices and engaging in valuable peer discussions they can take back to their organizations. Overall, there seem to be two overarching themes that are driving discussions, both in sessions and in the hallways...