assessment around the security rules without
having the data that Sanket’s system provides.
Now if you go through and use a system like
HITRUST, the common security framework
for the healthcare industry, it will step you
through it. It will ask, “Did you do such and
such, what are using for encryption, what
did you do for port security, what’s your
firewall, when was the last time you looked
at your server configuration templates?” A
Zero-to-Secure type solution makes this an
ongoing effort, not just once a year with a
huge effort to go through and answer all those
questions. You see it all the time through your
dashboard, you see it proactively through
alerts. You see it all the time.
Adviser: What is the first thing to do if looking for
an integrated solution?
Sanket: A few first steps to look for in an
integrated solution would be unified reporting,
ease of deployment and activation of
additional modules and support accessibility.
Adviser: So in terms of lessons learned or things
you would do differently, it sounds like the
greatest lesson learned is that you would have
integrated more solutions more quickly?
David: That’s part of it but I think we need
to take a step back and remember that
everybody starts from a different base level.
We are in an industry that was relatively
unsophisticated when it came to technology
utilization compared to other highly regulated
industries. You also have to assess your view
of technology. Do you consider it tactical or
strategic? I would submit that technology
is a strategic asset in today’s healthcare and
senior housing environment. So IT and IT
governance need to be treated that way.
As a result, you first have to assess where
you are and what you want to accomplish.
Remember that a lot of these security
solutions are brand new. What Securolytics
proposes – there is simply nobody out there
doing what they do. There are companies
doing similar things, they have some overlay.
But especially when it comes to New York
S tate and the typical size of our senior care
organizations, most of the solutions out
there are monetized much heavier and
geared toward much larger organizations
with a much larger IT staff. The solution
that Securolytics offers is not something that
would have been available five years ago in this
form and sophistication level.
leadingageny.org 34