Cisco has pushed its data security model into the healthcare sector. 


Following success gained in the retail sector for its Payment Card Industry (PCI), the company has now introduced its first validated architecture to address PCI compliance in healthcare settings.

 

Specifically, the PCI Data Security Standard is providing healthcare organisations with a prescriptive model for how to safeguard patient financial transaction data and other personally identifiable information that is captured and processed within a healthcare facility, or settings such as retail pharmacies.

 

The service offers comprehensive design and implementation guidance to protect credit card, sensitive patient demographic, and employee information as well as a holistic approach to specific data security challenges.

 

Beyond the new PCI standards for healthcare, data security is an increasing are of focus for both health organizations and Cisco. Both Cisco's Unified Wireless Networks and Ironport email security appliances have received endorsement from the American Hospital Association.

 

According to a data security study by Secure Works, external data security related attacks on the healthcare industry increased by 85% between January 2007 and January 2008. One challenge is that one in four healthcare executives does not know where their sensitive data is located while many organisations do not have a security framework in place to provide optimal protection.

 

Frances Dare, director, Cisco Internet Business Solution Group (IBSG) healthcare practice, said: “Survey data tells us that healthcare consumers are just as concerned that their identity may be stolen or abused as they are that private information will be released. The PCI standards help a wide range of healthcare organizations protect essential patient demographic and financial information in addition to the tremendous work by hospitals and others to protect personal clinical data.”

 

John Halamka, managing director and chief information officer of Harvard Medical School and chief information officer of CareGroup Health System, said: “The privacy of patient information is foundational to the healthcare industry. The new PCI security standards are important additions to the larger data security picture for health organizations. In addition to these standards, legislation currently moving in Congress signals other security requirements that may soon affect healthcare. This is an important time for healthcare leaders to strengthen their security policies, practices and technologies.”