Privacy & Security

Advice for better security? User-friendly systems

'We've designed these systems as if they're designed for people to fail.'
By Jessica Davis
November 20, 2015
09:47 AM

Recent security breaches, especially in healthcare, have put the spotlight on major companies to be diligent on revamping systems to prevent data theft.

But the problem is that the systems aren't designed with the user in mind and are too difficult for the average user to navigate.

"Humans are the weak point, but you design systems that are hard to use," Jennifer Golbeck, associate professor, College of Information Studies, University of Maryland, told Healthcare IT News.

"People are going to find an easier way to use the system because they have a job to do, but that breaks down security," she added.  

Golbeck will be discussing these ideas during a session titled "Your weakest security link? The answer will surprise you," at the upcoming HIMSS and Healthcare IT News Media Privacy and Security Forum in Boston.

[Learn more: Meet the speakers at the HIMSS and Healthcare IT News Privacy and Security Forum.]

Healthcare has an even greater responsibility to protect this information due to the sensitivity of the data, thus increasing the need to make sure users can readily access what they need to get their jobs done and even to save lives.

"It's critical if we want to protect data," Golbeck said. "We need to start with assessing the user; let's build security around that, instead of forcing the security around the environment."

In the end, security system designers should be following around healthcare professionals to gauge how to build a user-system "basically easy for people to learn and to reduce mistakes."

All other security systems employ that method, but healthcare designers have missed this step, Golbeck added, and it doesn't help that healthcare is a unique environment, with much more than standard office work.

"We kind of ignore humans when designing systems, but that leads to this behavior," Golbeck said. "Every step of the way you need to be talking to people who'll be using their system, also talking with institutions with successful systems in place."

Register for the Privacy and Security Forum, which runs Dec 1-3 at the Weston Boston Waterfront hotel. 

Related articles: 

Security tips for a 'cyber workforce'

Cyber czar Richard Clarke on the need to prepare for outlier events

Healthcare security: Adapt or die

Topics: 
Electronic Health Records (EHR, EMR), Mobile, Network Infrastructure, Privacy & Security, Cloud Computing

More regional news

VA building signage

House passes veterans healthcare package without RESET Act

By
Andrea Fox
November 21, 2024
David Miles of Oklahoma Heart Hospital

Deep dive: A tour of all-digital Oklahoma Heart Hospital, where automation is the norm

By
Bill Siwicki
November 21, 2024
Healthcare workers looking at X-ray images on monitors

Streamlining healthcare operations with multicloud-by-design

November 21, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

VA building signage
House passes veterans healthcare package without RESET Act

Most Read

HMIS integration with other public HIS sought and more India briefs
Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
ASTP intros 2024 draft Federal FHIR Action Plan
VA must strengthen controls addressing EHR performance
CrowdStrike all but assures Capitol Hill: Never again

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care
Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards

More Stories

BJ Schaknowski of symplr
Too many IT systems with limited alignment impacts care quality
Doctor in scrubs using computer
Tenet to deploy AI platform across its physician network
Healthcare CIO with other healthcare executives
Health system CIOs' strategic responsibilities continue to evolve
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards
Clinicians look at diagnostic imaging
American College of Radiology launches AI quality registry
A doctor with glasses sits at a desk and speaks during a telehealth visit.
DEA and HHS extend virtual prescribing for controlled substances through 2025
Dr. Jay Anders at Medicomp Systems_Computer chip with stethoscope Photo by Just_Super/iStock/Getty Images Plus
Transparency and responsible AI are crucial for medical devices
George Pappas of Intraprise Health on cybersecurity
How to protect telemedicine from cyberattacks