Analysis: Compliance Requirements Driving Healthcare Security Boom
Security vendors gradually built a strong presence in the healthcare industry after overcoming initial resistance from the medical community. Technological advances and increasing applications within healthcare favor supply side factors. With healthcare staff coming to terms with inevitable compliance standards and the healthcare industry poised to grow at double-digit rates, the market looks highly lucrative over the forecast period.
New analysis from Frost & Sullivan, World Healthcare Security Markets, finds that the market earned revenues of $1.66 billion in 2007 and estimates this to reach $5.78 billion in 2014.
"Use of security applications within the healthcare industry is largely driven by compliance requirements," said Frost & Sullivan Research Analyst Santosh Antony. "Taking into account the increasing pressure from government bodies, healthcare security is becoming a matter of compulsion rather than choice."
The Health Insurance Portability and Accountability Act (HIPAA) is perhaps the strongest driver for logical healthcare security and influences physical healthcare security. HIPAA compliance deadline for most healthcare entities in North America was in May of 2007. Now, noncompliance carries the risk of fines, penalties, litigations, and sometimes even criminal prosecution in extreme cases.
In addition to the HIPAA, the Joint Commission on Accreditation of Healthcare Organizations (JCAHO) lays emphasis on maintenance of a number of aspects of security such as access control, infant protection, employee/patient identification, and a written Security Management Plan. Hospitals aggressively seek out JCAHO's accreditation because accreditation is required in order to receive Medicare certification and insurance settlement.
However, the biggest challenge for security vendors will likely come from the employees in healthcare organizations who consider extensive physical and logical security checks as a hindrance to their normal functioning.
"Ensuring patient health record safety requires doctors to constantly key in passwords at common workstations, and is often repeated 40-50 times over a few hours," Santosh said. "Doctors, who generally have the final say in most administrative changes, certainly do not appreciate such delays as they can prove lethal."
Given these challenges, security vendors will need to position their products as convenient and less time consuming. It remains crucial to utilize the latest advances in technology to stay ahead of competition. Identity and access management vendors have revolutionized the market with the 'One Sign' technology, which enables workstations to switch users in a matter of a few seconds by using biometrics technology.