Do you know that in america alone, over 76 billion cases of extremely confidential Protected Well being Info (PHI) have been reported to be uncovered in breaches up to now 24 months?1
Sadly, the specter of cyberattacks in healthcare continues to develop because the trade faces the arduous job of securing extremely precious and delicate info in Digital Well being Report (EHR) techniques. Whereas an EHR system provides many advantages, it additionally presents an amazing safety problem. Specifically, EHR techniques comprise delicate info, corresponding to individually identifiable well being info that have to be shielded from unauthorized entry below Well being Insurance coverage Portability and Accountability Act (HIPAA) tips and the lately up to date Well being Info Expertise for Financial and Scientific Well being Act (HITECH). 2
One strategy to securing EHRs is microsegmentation, a community safety approach that creates smaller, remoted community segments inside a bigger community. Every phase incorporates a particular set of assets or workloads, corresponding to a particular utility or sort of knowledge. By segmenting the community on this approach, safety insurance policies may be enforced at a extra granular degree, making it tougher for attackers to maneuver laterally inside the community.
So, what are the methods that you may implement a technique of microsegmentation inside your healthcare group?
Cisco Safe Workload
Cisco Safe Workload is without doubt one of the options that can be utilized to implement microsegmentation in healthcare environments. This answer makes use of a mixture of software-defined networking and policy-based safety to create and implement microsegmentation insurance policies. Workloads are robotically categorised based mostly on their traits, and insurance policies are utilized based mostly on this classification.
For instance, a healthcare group can use Cisco Safe Workload to create separate segments for EHRs, billing techniques, and different purposes. Every phase would have its personal set of safety insurance policies, corresponding to guidelines governing entry management and information encryption. Within the occasion of a safety breach, the influence could be restricted to the phase by which the breach occurred, moderately than affecting your entire community.
Cisco Software Centric Infrastructure
Cisco Software Centric Infrastructure (ACI)is one other answer that can be utilized to implement microsegmentation in healthcare environments. Cisco ACI is an information heart networking answer that gives complete policy-based automation and administration of your entire infrastructure. It makes use of a declarative mannequin to outline the specified state of the community, and robotically configures the community to match that state. With Cisco ACI, microsegmentation may be simply carried out and enforced. Cisco ACI’s coverage mannequin permits for extra granular safety insurance policies to be utilized to particular person purposes or workloads.
Each Cisco Safe Workload and Cisco ACI can be utilized in conjunction or as standalone techniques as a part of your group’s path to securing the EHR, leveraging application-focused microsegmentation both on-premises or within the cloud.
Microsegmentation can be used to help compliance with regulatory frameworks such because the Well being Insurance coverage Portability and Accountability Act (HIPAA), Well being Info Expertise for Financial and Scientific Well being Act (HITECH), and HHS 405d. By implementing granular safety insurance policies, healthcare organizations can exhibit to auditors that they’ve taken acceptable steps to guard affected person information. Additionally, microsegmentation is a part of the bigger zero belief journey outlined within the Nationwide Institutes of Requirements and Expertise framework (NIST SP 800-207).
Along with bettering safety, microsegmentation may also assist healthcare organizations enhance community efficiency. By creating smaller segments, community visitors may be higher managed, lowering the chance of congestion and bettering utility efficiency.
Safety is a steady journey, however Cisco can assist you to navigate the panorama and stroll with you as you mature. When you have questions on microsegmentation or on find out how to take the following step in your safety journey, we encourage you to achieve out to a member of our CX healthcare follow.
- HHS OCR Reporting: Discover to the Secretary of HHS Breach of Unsecured Protected Well being Info – as of Apr 20th 2023
- HR7898 – HITECH Act – Protected Harbor