Over the past couple of months I have had the chance to talk with some of our healthcare customers and partners, and I used those interactions to really drill into the challenges their IT and Security teams are facing. A common theme I pulled from these conversations relates to visibility, and more specifically having proactive visibility vs. reactive visibility.
The challenge and the goal is to help IT and Security teams get ahead of dealing with the endless parade of email tickets and alerts. The following are some of the examples I encountered (stop by at the Cerner Health Conference to hear how ExtraHop proactively addresses these issues):
-
EHR/EMR upgrade visibility: Software/service upgrades often introduce issues that slow down clinical workflows, and the time it takes to chase down and troubleshoot those issues is taxing. This is on top of ongoing efforts to ensure that EHR/EMRs are optimized in a way that derives the most value for clinicians.
-
Medical device visibility: How do you understand what devices are on the network, what they're connecting to, and if they are connecting to the right apps and data? This challenge is growing as new medical and other devices are introduced to the network.
-
Remote clinic visibility: Clinics are being acquired by large health systems at a pace that is often hard to support. Understaffed hospitals face a lot of trouble gaining visibility into the applications and devices in use across remote clinics, which means they can't ensure those remote clinics operate in an optimal and secure fashion.
-
Cross departmental visibility: In the age of digital transformation, everything is connected to everything. Yet ensuring all teams are on the same page when it comes to interconnected clinical workflows is a challenge. A common refrain is that there are too many tools with overlapping data. This leads to individual teams prioritizing tools that other teams may not have access to.
-
Security visibility: According to the 2017 HIMSS cybersecurity survey, over 62% of healthcare organizations are investing in the NIST Cybersecurity Framework. A key guidance with this framework is understanding the risk exposure presented by all assets in use within a healthcare organization, including all software, medical devices, user devices, and data flowing between them all. This type of visibility is essential when dealing with threats such as ransomware attacks and also relates to the cross-departmental visibility challenge mentioned above: How do you gain a single view into all of these interconnected interactions, things, apps and devices? And then, how do you also understand and measure the risk potential within this interconnected ecosystem?
I'm sure most healthcare organizations can empathize and identify with many of these items, and perhaps add a few of their own. One frustration serves as a summary point:
"2017 was supposed to be the year of optimization, yet for all the time we are spending on optimization we are not seeing the results."
These visibility challenges are why many of these customers selected ExtraHop in the first place, as a way to provide real-time visibility into their communications and become more proactive in dealing with problems like the above. Yet despite the value ExtraHop was providing, teams struggled to ensure that the metrics provided by ExtraHop were easily accessible across the entire organization (especially when various teams were dealing with multiple tools and overlapping data sets).
The good news is that ExtraHop just made it much easier for healthcare organizations to gain a dynamic and real-time view into all their device and application communications, as well as to make this information easily sharable across teams.
The ExtraHop 7.0 release introduces live activity maps, which graphically map out the communications and data flows among all assets spread through the entire organization. This is a major win for troubleshooting, clinical workflow optimization, and compliance. A few examples of how you can use live activity maps:
- Visualize how medical devices are communicating with their EMR/EHR
- See all of the device and application interactions happening in a remote clinic
- Drill down on all communications within your clinical workflows in real time as well as looking back in time

Live activity map
In addition to live activity maps, the ExtraHop 7.0 release provides increased visibility to healthcare organizations by adding support for Perfect Forward Secrecy (PFS) along with making it even easier to send alerting events to third-party systems in use across the organization. The net is that ExtraHop is working harder than ever to support our healthcare customers, helping them ensure that they have the visibility they need to keep their clinical workflows operating efficiently and securely.
To learn more about ExtraHop and the 7.0 release, go here. And remember, if you are attending the Cerner Health Conference, be sure to stop by the ExtraHop booth and see the 7.0 release in action!