Morse Watchmans Blog

Threat Assessment and Prevention for Healthcare

Fernando Pires October 30, 2018
Fernando Pires

AdobeStock_97371841-413895-edited

Today’s healthcare organizations are taking a risk-based approach when planning security strategies for protecting patients, staff, visitors and data. By looking at industry challenges, and analyzing their own information, each individual facility can identify priorities in assessing threats and determining best practices for maintaining a safe and secure environment.

In gathering the evidence and information to enable these decisions, your security personnel can collect significant insights from the use of keys in the organization.

There are still hundreds or even thousands of physical keys in use in a typical hospital facility. Storage rooms, electrical/equipment closets, medication cabinets, nurse station drawers and many other locations are likely to be secured by locks that open with physical keys. Because of the extreme sensitivity of the contents of these areas, access to these keys must be strictly limited to only those individuals who are authorized to enter or open them. A key control system secures each individual key or key set and releases it only when credentials are presented.

But using a key control system does more to help you manage and prevent risk than simply controlling the access to keys. By providing a robust audit trail along with reports that provide a wealth of analytics relating to the use of keys, a key control system can enable you to assess current vulnerabilities and prevent future threats.

Data from key control systems can reveal, for example, when a specific employee has attempted numerous times to remove a key for an office which they were not authorized to enter. If one particular equipment closet key has been targeted multiple times, security measures can be stepped up for that location. There is a vast variety of insights in the information around when and how keys are used, and by whom. Even authorized personnel can misuse their permissions; key control systems data will reveal this as well.

Further, by integrating your key management solution with other security and business systems, you can create rules and policies that more specifically relate to the challenges and pain points experienced by your own organization. This will make it possible to configure your system to notify management when the threat level has risen due to an identified event such as a new employee attempting to remove a specific key.

Healthcare organizations are now faced with more challenges than ever when it comes to threat assessment and risk mitigation. With violence against and by patients, cybersecurity, and compliance with government regulations as top priorities for healthcare administration, it is important to leverage the insights provided by the organization’s own data. By implementing a key control and management system, you can expand the information available and take another vital step in protecting your healthcare facility.

Topics: Healthcare, Insider threats