Cybersecurity Challenges Facing Ambulatory Surgery CentersTom Hui, CEO of HSTpathways, Discusses Mitigation Strategies
Ambulatory surgery centers face a variety of difficult cybersecurity challenges, says Tom Hui, CEO of software vendor HSTpathways.
"Freestanding surgical centers often don't have a dedicated IT professional that is on staff and on call 24x7," he says in an interview with Information Security Media Group. "So the challenges are different from the time they start with an information system versus maintaining security once an information system is implemented."
Among the challenges these facilities face, he says, are keeping up with the latest technology and monitoring compliance with security best practices.
While most ambulatory surgical centers have practice management systems to automate their administrative processes, relatively few have implemented electronic health records, he notes. "And so the awareness ... of security of electronic health record systems at ASCs is in its infancy," he says.
At most surgery centers, staff members generally are not IT savvy "and they need to be reminded constantly, educated constantly about the dangerous things to do on a computer, such as opening attachments that they get via email," Hui notes.
The push to integrate medical equipment, such as anesthesia machines, with information systems, is creating new risks, he says. "Now we have an additional element of what happens on the network. If the data is not encrypted, then you're relying on the network security to protect that transmission of information."
In the interview (see audio link below photo), Hui also discusses:
- Security challenges involving legacy medical devices used at ambulatory surgery centers;
- Other top cybersecurity challenges at these facilities;
- The role of encryption.
Hui is founder and CEO of HSTpathways, a cloud-based software solutions provider for ambulatory surgery centers. Previously, Hui he was CEO and founder of Surgicenter Information Systems.