PRIVACY & SECURITY FORUM: A HIMSS EVENT
San Francisco, CA - May 11 - 12, 2017
All healthcare organizations, including health insurers, medical practices, hospitals, labs, and government agencies, process and store huge volumes of sensitive information – from medical records to payment information to personal identifiers, like social security numbers and birthdates. Inadequate controls in IAM processes and technology can lead to exposure of this data and HIPAA and PHI non-compliance issues.
IAM failure rates are high for healthcare organizations because many practices rely on individuals to manage complex processes completely by hand. Often organizations neglect to deal with faulty processes and bad data. They make the mistake of acquiring technology to mitigate the risks without taking the time to correct any known or perceived gaps in the process or data. The result of this approach is that governance is ad hoc and informal, tools are put in place on a piecemeal basis, and responsibilities are poorly defined.
IAM assessments identify these gaps and provide an organization with a roadmap to better Identity & Access Management and stronger security of their data and applications.