Summary: How do security leaders at community hospitals address data security challenges such as compliance with the HITECH Act? <p>Charles Christian, CIO at Good Samaritan Hospital in Vincennes, Ind., also serves as the defacto chief security officer, dividing up many data security tasks among the members of his team, each of whom also are multi-taskers. </p><p>In this interview, Christian, the former chairman of the Healthcare Information and Management Systems Society (HIMSS), describes the: </p><div id="blist">Creation of a security breach notification plan to comply with the HITECH Act;</div> <div id="blist">Acquisition of an identity management system;</div> <div id="blist">Encryption of all data that goes "outside the building;" and</div> <div id="blist">Prohibition of storage of patient data on laptops.</div> <p>He also provides a real-world example of the value of an intrusion detection system that immediately pinpointed the room where someone visiting a patient unplugged a PC and plugged his laptop into the hospital's network.</p>
