COVID-19 , Electronic Healthcare Records , Endpoint Security

Patient Access to Health Data: Balancing Security and Usability

Chad Wilson, CISO of Stanford Children's Health, Discusses Emerging Challenges
Chad Wilson, CISO, Stanford Children's Health and Lucile Packard Children's Hospital Stanford

As developers design applications to provide patients with access to their digital health records via smartphones – as called for under the 21st Century Cures Act - special attention needs to be paid to balancing security with usability, says Chad Wilson, CISO of Stanford Children’s Health.

See Also: Beyond Pandemic: Right-Sizing the Cybersecurity Posture

”We have to encourage the people who are downloading their health information to do their due diligence to make sure where they’re downloading it, saving it and securing it stays safe,” he says in a video interview with Information Security Media Group. “It goes back to the … security that’s built into the development cycle – not every app is coded the same way … and not every app deals with encryption of the data the same way.”

While adequate security is essential, organizations must guard against creating too many security-related barriers to gaining access to records via a smartphone, he says. “So having that balance is going to be really key for any developer that is building the API to get in – that it has the right security and the right security is maintained."

In the interview, Wilson also discusses:

  • Other privacy and security challenges involving patient access to their electronic health records;
  • Security and privacy issues involving the growing use of telehealth and the reliance on email for communication during the COVID-19 pandemic;
  • How the cyberthreat landscape is evolving during the COVID-19 crisis.

Wilson is CISO for Stanford Children’s Health and Lucile Packard Children's Hospital Stanford in California. Previously, he served as the director of IT security and CSO at Children’s National Health System in Washington. And he served as senior associate at Booz Allen Hamilton, managing cybersecurity services for commercial and government clients with an emphasis in healthcare. Wilson is also former acting CISO and director of information security for MedStar Health.


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.