Bluefire Success Story: Healthcare
Situation
Growing use of mobile devices by personnel at a large, university research hospital prompted concerns about the security of sensitive patient information. Researchers, physicians, and nurses used smartphones and PDAs, often their personal devices, to access patient records, pharmacological information, and other data from university servers. With no security policy covering staff use of mobile devices, the research hospital became concerned about its compliance – or lack thereof – with provisions in the Health Insurance Portability and Accountability Act (HIPAA).
Vulnerability
The hospital faced two critical security issues related to staff use of smartphones and PDAs:
- Security of data on wireless devices
- Possibility of attacks from unknown individuals or entities
Solution
Bluefire Security Technologies recommended the following wireless device security solution:
- The Bluefire Mobile Security® Enterprise Edition with firewall, authentication (password protection), and encryption
- The Bluefire Access Manager to control use of unsanctioned devices on the hospital’s network
Results
The research hospital included Bluefire software as part of its HIPAA compliance program, which has been approved by outside auditors. In addition, the hospital is using Bluefire software to track wireless network access, and to control the use of employee-owned devices on the hospital campus.