CIO at hospital caring for Boston Marathon bombing victims and suspect shares lessons learned

By , Network World |  Security

Dr. John Halamka, CIO at the hospital where Boston Marathon bombing patients and suspects have been treated over the past week, has shared in a blog post Tuesday lessons learned from an IT and security management perspective.

"IT in general experiences more demands than supply," Halamka wrote. "Last week, we learned firsthand how technology can support a disaster. As we think about all the work on our plates, our plans going forward must incorporate our recent experiences."

[ RELATED: Boston techies rally to support Boston Marathon bombing victims

MORE: Reddit apologizes for 'online witch hunt' for Boston bombing suspect ]

Halamka, who consumed news of the tragedy initially via social media while flying from Los Angeles to Boston, says other members of his IT organization were among first responders at the finish line. Seven Beth Israel Deaconess Medical Center (BIDMC) IT staff members were volunteers at the medical tent and finish line, and their familiarity enabled them to stay strong and calm while tending to those who were harmed in the bombing.

None of the IT staff was harmed, but Halamka wrote that "as we think about risk planning in the future, we'll need to consider the events of last week when told something as innocent as 'the majority of the database administration team is going to volunteer at the marathon.'"

Halamka said the events of last week in Boston will also force his team to rethink its application, network and data center access strategies. While BIDMC is enhancing security of its apps and network by limiting access to those who really need it, Halamka writes that the situations that prevent most employees from working at home might require allowing more access at certain times. Disaster recovery planning also needs to be rethought to take into consideration circumstances where people can't access or leave a data center for long periods of time.

In a hospital setting where high profile patients reside, in this case victims and suspects, privacy is ultra-important and BIMDC took communications and analytics measures to ensure privacy. Among other things, BIMDC arranged for a message to show up atop the page of its intranet for all staff members to see that reminded them of data lookup policies and social media rules (such as not tweeting out any information about patient identities or condition).

"Might there be new workflows required in the future such that appropriate individuals are paged/notified within seconds after a lookup occurs? In an emergency/mass casualty disaster, how can we balance the need for increased security/privacy and appropriate access with real-time auditing alerts?" Halamka wrote.

Halamka praised BIDMC and other hospitals in town for their cooperation in securely sharing patient medical records, a longtime hot-button issue for this tech-oriented medical professional. 

Bob Brown tracks network research in his Alpha Doggs blog and Facebook page, as well on Twitter and Google +.

Read more about infrastructure management in Network World's Infrastructure Management section.

Don't miss...

LinkedIn mistakes
12 LinkedIn mistakes IT pros make
Nexus 7 alternatives
9 cheap Nexus 7 alternatives

10 geeky street signs: Finding your way to nerdvana

  Sign me up for ITworld's FREE daily newsletter!
Email: 
 


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question
randomness