New Jersey's single largest healthcare provider, Saint Barnabas Health Care System, is rolling out a major data-loss prevention (DLP) initiative that will enforce new content-control restrictions on over 10,000 laptops, tablets and desktop PCs used by its medical staff.
More on data loss efforts: Data-loss prevention comes of age
Like all hospitals, Saint Barnabas, which has six main healthcare locations in the state, must abide by state and federal privacy-protection rules, such as HIPAA and the HITECH Act, to protect sensitive patient personal health information or face possible penalties. However, the Saint Barnabas effort, which will put Symantec's DLP host-based software on over 10,000 devices, is intended not to make it harder for physicians and support staff to share information, but easier, because the DLP software will recognize what's sensitive and what's not.
"The agent on every desktop and laptop enables policies on what type of data they collect or what they e-mail," says Hussein Syed, director of information-technology security at Saint Barnabas Health Care System about the host-based DLP software.
On its computers, Saint Barnabas has long made use of self-encrypting hard drives supported by Wave Systems. Current policies require hospital data taken from hospital computers to be encrypted, such as with encryption-capable USB drives. But with DLP deployed, Syed anticipates there will be more flexibility for medical staff because the DLP on the endpoints will recognize what's patient-health information data vs. what's "just a medical document," he points out.
The DLP project is getting underway in the next few weeks, and there are concerns. There's the need to make sure that the thousands of physicians and staff who will see the effects of DLP's blocking and warnings, and understand what needs to be done. Physicians are being kept up to date on the project and so far are largely supportive, Syed says. But now that it's going into deployment, it will be a matter of making sure DLP works right for all, especially as the problem of false positives can occur. "Sometimes there are false positives, so we're working with IT staff to slowly roll it in," he says.
Read more about wide area network in Network World's Wide Area Network section.