Clinical Laboratory IT Security: Challenges, Implications, and Solutions

The invention of computers has enabled efficient and effective management of clients. But security issues have been a major concern to both software applications and their stored data. Clinical laboratory departments in hospitals are no exceptions; they store patients’ health records such as name, kind of diseases diagnosed, medicine prescribed, frequency of reception and drug reactions, etc. Since patients who visit many health facilities may have multiple health records, the need arose for a shared system that all clinicians can access. This led to the development of centralized medical records that all stakeholders can access over the Internet.

Challenges to Clinical Laboratory IT Security

Data or information in clinical laboratory systems are always very sensitive and require secure environments. This is normally not the case in many laboratory systems. The systems are accessible by physicians, nurses, laboratory workers, patients, patients’ relatives, information technology support, IT service providers and firms that maintain them. Since they can be accessed by many people who need the data, securing the records becomes a challenge. Threats to clinical information are grouped into human, natural, environmental and technological factors. Human factors are threats imposed by human beings. They include hacking, stealing of passwords, eavesdropping, interception and physical damage. Hacking involves trying all means to compromise a system. It includes trying many letters to guess passwords to gain permission to access systems and steal information. Though some hackers may not interfere with systems, their access to the system has far-reaching implications for clinical laboratories. They can also steal passwords while users enter them. This permits them to enter the clinical laboratory system. In certain cases, people can secretly listen to the private communication of clinical workers. This commonly occurs while communication occurs over the Internet and can be done in person or using specialized software. The message content reaches the destination unaltered in eavesdropping, but the eavesdropper remains with a copy of the entire information. A human can also intercept information traveling over the network. In such a case, the information does not reach the intended destination but remains with the interceptor. Human physical actions always challenge information technology infrastructure. They include physical shooting, flooding of computers, and passing electromagnetic substances over computer storage devices. Physical shooting and flooding of computers destroy both hardware and software, while electromagnetic material destroys information stored in computer storage devices. Technologically malicious computer software, such as viruses, Trojans and worms, can greatly affect data or information stored in the clinical laboratory system. The effects of their actions range from slowing down computer systems to permanently deleting stored information.

Order Now