The internet is a part of our everyday life, and it is time that certain industries come on board and integrate with our daily lives. The most important industry I see should fulfill this demand is healthcare.Everywhere access to healthcare is becoming more important every day. With people working across the globe, the need for medical chart access is paramount.Let’s take private contractors who support military in Iraq and Afghan for military efforts, for example. Granted, they have medical attention if they really need it. However, for the medical provider to obtain and review medical charts to provide adequate care for the person, it is going to be tough.(It is not like the person can go around carrying around their own medical chart in their pocket. We also cannot just put them on a USB drive and send via SFPT.)On the other hand, let’s take the point of view of people and/or families traveling around the world. Some might be refugees, dislocated families, and/or travelers. Their medical charts are needed when for their safety but also for others’ safety when entering a new country.It is important for both types of end users in this example. The medical providers could potentially provide the wrong type of care, and the patient might have something of which they might need to inform medical providers.So, this brings us to two question: what can be done about it, and how can it be done?With all the local, state and federal laws, along with company and corporate policies in place, there is a lot of red tape that would make it sticky to move anything forward for anyone. There are so many items that need to happen prior to the exchange of this information, and respectfully so.The preservation of PHI and PII should be at everyone’s forefront. Business associate agreements (BAAs), non-disclosure agreements (NDAs), and every other alphabet soup-type agreement needs to happen along with their technical implementation.In response, it is recommended to keep the customer information protected; understand and adhere to all laws, rules and regulations; and make this happen the best we can for the customer. Essentially, figure out a way to make it happen and not stand in the way like a road dump.Remember, it is not your information; it is the customer’s information, and they need it. From a technical aspect, figure out a way to securely transmit information to a remote and or undisclosed location. Implement technical safeguards for understanding who your users are, authenticating them, and providing access to a secure platform, so that the user can review and obtain their medical charts.The time is upon us for online medical charts sharing. To understand where the information is coming from, we need to determine if there is a secure location to go to and drop the medical charts, as well as what secure safeguards are in place to ensure malicious events can be avoided and/or mitigated.We are able to put a man on the moon, so I am sure we can do this. It will be simple but not easy.
About the Author: Ricoh Danielson is a U.S. Army Combat Veteran of Iraq and Afghanistan. As a digital forensic expert in cell phone forensics for high profile criminal and civil cases, Ricoh has a heavy passion for information security and digital forensic that led him to start up his firm (Fortitude Tech LLC) in the middle of law school to become Phoenix’s heavy hitting digital forensic power house.Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.