Safe and sound

27.03.2006
Vincent Fusca trusts his staff. But he can't take any chances. It's all about the money.

As operations director at Dartmouth Medical School's Center for Evaluative Clinical Studies in Hanover, N.H., Fusca oversees the handling of nearly 7TB of raw medical data from the Center for Medicaid and Medicare Studies. Programmers aggregate and refine the data down to data-analysis sets that researchers use to publish some of the most comprehensive comparative medical research in the U.S.

Fusca isn't aware of any attempted or successful security breach involving personal medical information during his tenure at the center. But the Health Insurance Portability and Accountability Act (HIPAA) requires the center to safeguard patients' personal data, and ignoring the regulation could mean losing millions of dollars in research grants.

So two years ago, the center purchased two network appliance servers that keep data encrypted until researchers request the information on their secure desktops. The data is then sent on to backup tapes in an encrypted form.

"We want to ensure that we exceeded the levels of security required by HIPAA so we never place our funding sources in jeopardy," Fusca explains.

On the radar