Lyniate Team

How the top 10 cybersecurity concerns impact integration and interoperability

March 22, 2018

Session 139 at HIMSS 2018, 10 Challenges in Managing Medical Device Cybersecurity, reviewed the top 10 technology hazards in healthcare IT for 2018 released by the ECRI Institute. While the focus of the presentation was geared towards medical device security, many of these challenges exist for integration technologies as well.

Patch management

Not surprisingly, patch management was near the top of the list. Patch deployment can directly impact patient care if patches to the most recent threats are not deployed in a timely fashion. This requires a patch deployment strategy, with regular patching processes in place. Patch implementation must evaluate clinical care impact – ideally vendors will have solutions to allow patching with little to no downtime. In addition, having a process for critical patching with no downtime is essential as well. Corepoint Integration Engine’s high availability feature, Assured Availability, ensures that no data is lost during planned or unplanned downtime.


Also near the top is the necessity to keep legacy technologies secure. This can be a big challenge because technologies designed five years ago likely did not place a premium on security. Ideally, vendors allow for upgrades that are not disruptive to clinical workflows. However, if upgrading is too difficult or even not possible, the security risk must be weighed against the clinical need of the technology.

From an integration standpoint, a non-functioning integration engine can bring down all the data flow in a health system if it is not updated and secured properly. Read: Improve PHI security using a modern interface engine.

Server management

In addition to securing the application, providing proper security for the servers they run on is just as important. It is important that the application run on operating systems that are still being updated for the latest security attacks. It is also imperative that the application be compatible with antivirus software protection. Ideally, a virtual environment would be preferred over a physical requirement, thus simplifying server management.

Remote access

If remote access is required for support, maintenance, or analytics it can provide a security hole to the server and application. Unsecure external communications should be strictly avoided. This would include default service passwords and unsecured transports. Remote access should be limited to VPN or encrypted transports such as TLS, and passcodes should be temporary or have an expiration.

Security was more widely discussed at HIMSS18 than in previous years. Recent ransomware attacks have certainly contributed to the growing emphasis on security. Providers and application vendors must stay on top of the latest technologies and processes to keep patient data safe and available.

These are four of the key challenges discussed in the session as they apply to integration technologies.

Related Blogs

Lyniate Team

Medrics scales patient engagement app globally with Lyniate Rhapsody

Medrics uses Lyniate Rhapsody to integrate healthcare data from disparate sources for improved patient experiences and outcomes.

Read more

Melanie Medina

Caresyntax CTO shares how he relies on fully managed integration services to help provider customers improve surgical outcomes

Caresytnax relies on fully managed services from Lyniate to maintain integrations between its platform and its provider customers.

Read more
group of people sitting in chairs with text Healthy Data. Healthy People.

Lauren Usrey

Driving healthier outcomes with healthier data

The Healthy Data. Healthy People. panel discussion at Lyniate CONNECT 2022 brought together healthcare leaders to discuss the importance of data quality.

Read more