Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Hospital Skirts Compliance Meltdown

BURLINGAME, Calif. -- StoragePlus -- Storage managers must take data classification and security into their own hands if they want to solve their compliance headaches, according to Karen Johnson, regulatory officer at the Ascension Health Network.

End-users, she warned during her keynote here today, can be more of a hindrance than a help when it comes to getting storage securely under control. The situation is particularly acute for Indianapolis-based Ascension Health Network, a healthcare firm encompassing 16 major midwestern hospitals. "How many of you have doctors that can remember passwords?" she asked healthcare execs in the audience, adding that security remains a major challenge in the medical sector.

With IT managers wrestling with the data retention demands of the Health Insurance Portability and Accountability Act (HIPAA), Johnson's 16,000 end-users simply add to this problem. "Any space that you give end-users, they will end up saving [data] to it," she explained. "I don't think that they know where the delete button is."

"If you're requesting voluntary deletion of material, it generally won't happen," warned the exec, adding that Ascension Health Network once found 10 copies of Microsoft Plus stored on its network.

The firm has built 250 Tbytes of SAN-based storage to support all its data, which includes Xiotech devices for file and print services and radiography data, as well as an EMC Clariion for electronic medical records.

  • 1