Healthcare CIOs Struggle to Secure Networks
Since that network outage (see "All Systems Down" at www.cio.com/printlinks), Halamka has added some structure to the medical center’s networking policies and has refreshed some of the staff’s network management skills. But other than that—and a Slammer virus network infection on Jan. 25—Halamka continues to pursue new applications for patient care, and spreads himself as far and as thin as he possibly can with supply chain, asset management and other projects. "Our [new] application efforts are more intense than ever," he says.
This indeed has been an intense six months for health-care CIOs in general, judging by some very public incidents (see "Health-Care System Snafus," Page 22). Add to that the SQL Slammer virus attack that infected the six-hospital Covenant Health network based in Knoxville, Tenn., and you’ve got an infirmary full of IT applications and infrastructures needing attention. Stat.
"All of this takes on an added sense of urgency in our industry. It’s more than an inconvenience because it impacts the delivery of care," says Frank Clark, senior vice president and CIO of Covenant Health, who watched "the insidious Slammer," as he calls it, take over his network.
It took only two minutes, in the wee hours of a Saturday morning in January. After bouncing off Covenant’s firewalls, the worm later struck again. This time it burrowed into a prescription computer system through a single open port connected to a trusted technology partner. It took 12 hours to flush the worm from Covenant’s systems. The six hospitals resorted to manual care.
"It could have been much worse if it had been a weekday," says Clark, who tells of the Slammer ordeal in an e-mail reacting to Halamka’s story. Clark titles the missive "Misery loves company." So what’s going on here? Are these incidents just plain bad luck, or are we seeing symptoms of a larger problem?
"Health care has taken quite a rap in IT investment and IT leadership" on a national level, says Elliot Stone, head of the Massachusetts Health Data Consortium, a group of health-care CIOs in the state.
Stone says these CIOs are being asked to use technology to improve care while also cutting hospital costs. These goals may conflict. At the same time, "we’re talking about an industry that clearly has constrained financial resources" to begin with, Stone says.
Get the latest on network infrastructure tools and technologies.
