From 2010 to 2013 more than 29 million patient healthcare records were compromised in nearly 1,000 reported security breaches. A recent study from Stanford University and Kaiser Permanente says that more than half of those instances involved deliberate unauthorized access to data or attempted theft of hardware where the data resided. The report says intentional hacking to steal data has risen from 12 percent to 27 percent as a portion of all data breaches during that period.
To combat this growing threat, healthcare organizations are constantly looking for ways to enhance IT security. MemorialCare Health System, a six-hospital, integrated delivery system in southern California with more than 200 locations in Los Angeles and Orange counties, is finding that using Aventura’s Roaming Aware Desktop (RAD) platform supports its comprehensive approach to security risks.
“It’s all about containing patient data within the four walls of the enterprise,” says Scott Raymond, Executive Director of Information Services. “We’ve been very proactive about data security at MemorialCare.”
The organization has employed a traditional IT environment: installing their Epic EHR and other applications locally on computer workstations with security safeguards like hard drive encryption, port blocking, log in credentialing, and locked workstations.
MemorialCare decided to further enhance their security strategy by moving to a Virtual Desktop Infrastructure (VDI) with thin clients and VMware View to further reduce risks that conventional desktop installations may present.
Enabling Roaming with Aventura’s RAD
A key component of the strategy is the use of the Aventura RAD platform. RAD allows clinicians to tap in, authenticate their username and password with their badge, verify their credentials, access Epic and other required apps, and allows that desktop to ‘follow’ them wherever they go so they can continue their work on any computing device in the system.
“Aventura simplifies password management by minimizing the number of times users have to use it to access the systems,” says Raymond. “It allows us to have those credentials hidden and use Single Sign-On (SSO) through a dual authentication process. Once signed in, users can take that Epic session with them wherever they go and not have to keep signing in.”
“We chose Aventura in part because we felt it was a system that would grow with us as we continue to develop our virtual environment.
For a more in depth look at security in particular and roaming Epic, click here to sign up for Scott Raymond’s webinar MemorialCare: A Case Study on Roaming the EHR in the ER on September 10.
MemorialCare Innovation Fund, LP is an investor in Aventura.