Derek Brost
About Derek Brost
As Chief Security Officer for eProtex, Derek Brost spearheads the development of solutions to health IT security and HIPAA compliance demands. As such, he currently oversees risk assessment and mitigation efforts for nearly 100 hospitals nationwide. A Certified Information Security Systems Professional (CISSP) with 15 years’ experience in IS/IT operations, architecture and information security, Derek lectures about ePHI security issues nationwide, earning an invitation to serve as contributing editor for TechNation and presenter at the 2012 Annual HIMSS Conference.
Last entries by Derek Brost
  • 01 May 2012
    IT Update – Digging for worms
    Network worms are a class of malicious software (a.k.a. Malware) which self-replicate across a network among computer systems. In a theoretical sense I find them to be amazing and incredibly interesting, but in a practical sense they can be extremely difficult to deal with effectively. Typically IT/IS security teams have...
  • 01 Apr 2012
    IT Update
    Clinical engineers are frequently called to work on time-sensitive and costly technology repair situations, many times which directly affect patient care workflows. CEs also have brothers-in-arms for those same circumstances in the IT staff that respond to incidents across technology platforms. Taking into account the previous topics I’ve written on...
  • 01 Mar 2012
    Audits, enforcement and alphabet soup
    As Americans discovered during the banking crisis and subsequent bailouts in 2008, fraud and abuse regulation and policy are only as good as the weakest investigation and enforcement activities. As you know, in health care there are numerous regulations, and in health care facilities there are numerous policies as well....
  • 01 Feb 2012
    IT Update
    If there’s one thing IT marketing and publishing groups are great at it’s coining, reinforcing and misusing technology buzzwords. I don’t aim to be cynical, so I will make an effort to separate the wheat from the chaff on the topic of cloud computing. This buzzword has become mainstream and...
  • 01 Jan 2012
    IT Update
    Last month’s IT Update addressed how a few key network infrastructure systems facilitate data communication between devices. Building on that, it’s good to be aware of what is being transmitted to and from medical equipment and how that may affect operations and/or patient care. I believe two key starting points...
  • 01 Dec 2011
    IT Update | Derek Brost
    I’ve written about the importance of networking in the organizational introduction sense, so now I’m turning to the importance of understanding the networking technology that has become vital to successful clinical device operations. The network, big or small, provides the necessary infrastructure to exchange data and while big networks usually...
  • 31 Oct 2011
    IT Update | November 2011
    Especially for windows based devices, antivirus (AV) software can provide security benefits in the form of detecting (and possibly protecting against) threats from malicious software. Common malicious software attacks to modern medical devices in the clinical setting are self-replicating worms within the hospital network, infected removable media introduced by clinical...
  • 30 Sep 2011
    IT Update | October 2011
    Many departments in a health care facility have overlapping duties and responsibilities for HIPAA privacy and security compliance. However, there is a standard on device and media controls which can rest squarely on clinical engineering throughout their work, and I think it’s important for technicians to be aware of the...
  • 31 Aug 2011
    IT Update | September
    The term “change management ” can mean a few different things to different business specialties. For leadership it may represent the tactful process by which cultural and organizational changes are communicated and affected. For engineers, however, it will typically represent the controlled process for the complete lifecycle of technical changes....
  • 27 Jul 2011
    IT Update | August
    This article is about introductions, so in the words of Austin Powers, allow myself to introduce… myself. I wrote last month about security and medical devices, a topic that I work in everyday as Chief Security Officer of eProtex. While my background is primarily in IT security, infrastructure, and operations,...
Last Comments by Derek Brost