<img src="https://ws.zoominfo.com/pixel/cEO5AncHScwpt6EaX0mY" width="1" height="1" style="display: none;">
Skip to main content

Overview of Data Breach Risks & Solutions Related to Hospital Legacy Systems [Beckers Hospital Review]

   
In Collaboration with Becker's Hospital Review

Many hospital executives contend with older legacy IT systems that are vulnerable to cyberattacks and may violate HIPAA requirements. While technical challenges abound, one approach is to provide detection and response capabilities through network firewalls through which legacy systems communicate.

Regulatory Obligations to Protect Patient Data on Legacy Systems

HHS and OCR have noted that the HIPAA Security Rule requires covered entities to protect electronic protected health information (ePHI) on IT systems, including legacy systems. However, there are many challenges to implementing cybersecurity programs on these outdated, vulnerable systems. These challenges include:

  • Inadequate security features for safeguarding PHI
  • Lack of ongoing security updates
  • Limited audit capabilities for incident detection
  • Difficulty implementing strong data encryption
  • Interoperability challenges hindering secure data exchange
  • End-of-life issues for unsupported systems
  • Difficulties meeting data retention and destruction requirements

 

Continue Reading the Article