Secure, Simplified Access to eClinicalWorks

Challenges of Securing Patient Information

Physicians and clinicians need secure access to patient information to ensure quality care. Compliance and privacy mandates like HIPAA curtail the widespread sharing of data. At the same time, workplace restrictions imposed by COVID has meant wide use of remote desktop protocols (RDPs) and remote access by VPNs. Both are susceptible to software vulnerabilities that, if exploited, can result in significant losses. Attacks targeting RDP increased 768% in 2020 alone. Threat actors have noticed – healthcare is now the most targeted industry and data breaches are becoming increasingly common. Patient information is valuable, the sheer number of devices used in medical settings make them difficult to keep up to date, and workers need anytime, anywhere access to shareable data from their device of choice.

VPNs offer broad network-level permissions where both authorized and unauthorized users may be able to access information beyond the requirements of their job.

Zentry Trusted Access uses natural language, granular policies that restrict access to individual applications, including eCW. These policies are globally administered and follow users regardless of their location and time of day, significantly reducing the attack surface. Zentry also maintains comprehensive logs of who accessed specific information – and when they did it. Out-of-bounds incidents are logged and subsequent access can be allowed or denied if necessary. This helps ensure both compliance and security guidelines are met without having to modify eCW in any way.