Tackling the Cybersecurity Challenges Within the Healthcare Industry

medicine doctor touching electronic medical record on tablet dna picture id1165067633

The pandemic has caused healthcare institutions around the world to re-examine their cybersecurity strategies to ensure the safety of their organization and customers. Perhaps more than any other industry, cybersecurity is crucial for healthcare, especially as healthcare workers globally adjust to a new normal that relies heavily on providing care to patients from remote locations—whether its a remote testing site for rapidly and safely scaling COVID-19 testing or telehealth services performed from a home office. Many are looking for a solution that not only protects their infrastructure but also to support the best patient care possible, business outcomes, enhanced user experiences, and quality-of-life improvements.

Cybersecurity in healthcare is a complex challenge but with the right security solutions and resources, organizations can readily implement an effective security infrastructure. However, as these healthcare organizations search for the right security partnerships, there are key factors to consider. Below are three customers who implemented Fortinet’s Security Fabric solutions to secure their healthcare environment. The security and networking issues they needed to address are similar to the challenges being faced by healthcare facilities around the world.

Large Pediatric Hospital

In the Northeastern United States, a major pediatric hospital is accustomed to leading the way. The hospital’s research arm is world-class, and that spirit of innovation also reaches into their patient care. This hospital’s advanced infrastructure enabled some of its healthcare providers to work remotely, including from the comfort and safety of their homes. However, as new workloads and critical resources are deployed, it is essential that the data, applications, and other digital resources being migrated across the network are properly secured, especially since many of the devices are in remote locations outside the traditional enterprise perimeter.

To enable contactless healthcare and the ability for physicians and other healthcare providers to work from remote locations, the hospital needed a network access solution that included deploying a networking device in each radiologist’s home office so they could securely access large files, including x-rays, MRIs, and other scans. This device not only needed to provide enterprise-grade security, but it also needed to integrate with the third-party authentication system that the hospital already had in place. It was also crucial that this device prevented network access by any personal devices attached to the home network.

And to successfully enable widespread remote access, the hospital also needed the virtual private network (VPN) solution to be as simple and easy-to-use as possible. What the hospital wanted was a single solution with an intuitive user interface that combined high-performance network connectivity and best-of-breed security. FortiGate’s next-generation firewalls (NGFWs) enabled this hospital to secure their network infrastructure from end-to-end. The hospital’s physicians now have an easy-to-use means of working from the safety of their home, and IT staff have streamlined the management of the networking devices they have distributed throughout the Northeast.

Regional Healthcare System

For many organizations, the need to transition to remote working has caused operations to slow or even shut down. However, the healthcare industry still needs to work at full speed. With an abundant number of patients to care for, one regional healthcare system’s top priority was to protect its patients by moving COVID-19 testing off-site, while leveraging a flexible telehealth solution to see and manage patient care remotely.

With the increased level of network activity required by telehealth solutions, detecting and managing cybercrime can become very difficult for healthcare IT teams. To secure their telehealth initiatives, healthcare providers require full visibility into their network infrastructure. This regional healthcare organization chose to leverage the Fortinet Security Fabric to do just that, enabling centralized visibility and management of the devices at their remote testing sites while simultaniously addressing compliance requirements. By deploying Fortinet’s Fabric Management Center—which includes FortiManager and FortiAnalyzer to enable centralized management, network automation and orchestration and Security Fabric analytics—at their headquarters, this organization could manage and monitor the security solutions at their remote sites from a single console. They also implemented Power-Over-Ethernet (PoE), making it so only a single outlet or generator is needed to power the entire solution, ensuring security in even the most basic conditions. The core components of this solution consist of a FortiGate next-generation firewall (NGFW), a FortiSwitch, and a third-party wireless access point, all working together to provide a secure connection to the headquarters.

With Fortinet’s enterprise-grade security in place, this organization’s medical personnel were able to maintain confidentiality and compliance with the Health Information Portability and Accessibility Act (HIPAA) by leveraging FortiGate NGFWs at their remote sites and enabling secure VPN connectivity between these locations and the main office. This ensured that patient data traveling over untrusted networks is never exposed to eavesdroppers.

Metropolitan Healthcare System

Finally, a large metropolitan healthcare system with hundreds of hospitals and ambulatory care sites determined that additional remote sites were crucial for scaling COVID-19 testing to meet demand. By joining forces with Fortinet, this healthcare system was able to rapidly acquire and deploy the equipment necessary to create a solution for remote testing sites.

In this particular metropolitan setting, population density is high and public transportation is the norm. Enabling remote sites to test at scale was critical to meet the needs of this population, and allowed patients to limit contact with one another by removing the need to travel to a traditional care facility to get tested.

This healthcare system knew that the Fortinet Security Fabric could provide everything that their hospitals needed to deploy and secure their remote testing sites. Because the remote sites were selected for their size and not their location in the cellular network, connectivity strength was variable. To maintain consistent performance of its critical applications at the sites, the hospital system needed a way to automatically optimize the utilization of the WAN bandwidth available at each location. Since every FortiGate NGFW contains built-in Secure SD-WAN, this need was easily addressed. Fortinet Secure SD-WAN is configured to ensure that bandwidth allocation and traffic shaping are performed based upon an application’s requirements, ensuring critical and latency-sensitive applications are prioritized when network bandwidth is limited. With FortiGate NGFWs for security and VPN connectivity, this organization can get maintain a reliable connection to headquarters to securely share and update data in real time.

Prioritizing Cybersecurity

Healthcare organizations should be prioritizing cybersecurity when implementing telehealthcare services and other contactless services. With the continued evolution of the threat landscape, the healthcare industry needs to create a security framework that supports digital innovation while addressing new cyber threats and increased business risks. And to meet the unique demands of rapid field diagnosis, testing, and other remote clinical functions, healthcare organizations must also ensure high network performance. Telehealthcare requires secure and resilient solutions that both protect confidential information and ensure connectivity for critical functions. Security solutions that support both sets of requirements are key to enabling services through a wide variety of possible disruptions.

Discover how Fortinet Teleworker Solutions enable secure remote access at scale to support employees with a wide array of access requirements.

Learn more about enabling the latest advances in patient care while protecting against cyberattacks with healthcare cybersecurity.

Copyright © 2020 IDG Communications, Inc.