Medical professionals have always been sensitive to maintaining patient confidentiality, but with the passing of the HIPAA act in 1996, specific regulations were set forth in regards to the privacy and security of patient information. To be in compliance, specific controls must be in place to preserve the security of sensitive information transmitted over open or private networks, so that it may not be viewed by anyone but the intended recipient. The wireless networks that support this extended access, are subject to the HIPAA regulations.
As with any system, unless strict security protocols are followed, confidential information can be subject to unauthorized viewing. Security experts agree, the problem is that security requirements for wireless systems are much more complex than for wired systems.
For example, a wired system has limited access points, and wired computers are inherently more secure than wireless connections. The very nature of a wireless system is the ability to access it from multiple locations, making authentication more difficult. Another problem, wireless data can also be intercepted much more easily than wired data.
Industry leaders have worked hard to outline specific security measures that wireless network administrators can take to prevent unauthorized viewing of data.
- First - make sure that users have unique identifications and that all users are authenticated.
- Second - limit levels of access. This means that only specific individuals or departments will have access to certain types of information.
- Third – make certain that all data be transmitted in encrypted form.
