Separator

Innovation In Healthcare Is Incomplete Without Data Security

Separator
A management professional with more than 21 years of experience on supply chain management and digital transformation engagements across several Fortune-100 companies, and has also worked as an IT Business Partner in one of the largest life sciences companies and managed an annual investment portfolio of $8-10M on business transformation initiatives through strategic planning, business relationship management and implementing long-term business strategies.

According to Black Book Market Research, data security breaches costing the healthcare industry reached the $4B mark in 2019. This is the highest exposure compared to other industries and even surpassing the financial services and public sectors. This also doesn't come as a surprise as bad actors are increasingly becoming sophisticated in their penetration of security parameters. Patient medical records, payment details and personally identifiable information (PII) are top targets of these data breaches. Even a seemingly minor security breach is enough to tarnish the reputation of a healthcare entity.

Around the globe, cyber security is the biggest concern technology leaders face today. Building cyber defenses cannot be an afterthought. Hospitals are particularly vulnerable because of continued reliance on legacy systems that provide easy targets for cyber criminals. Data security is not just about cyber vigilance but also about putting controls and measures in place to prevent unintended use of data. As the patient data is moved through multiple integration points and stored in multiple places, chances of data errors due to mishandling go up. No wonder, data interoperability has become one of the top buzzwords in the healthcare industry.

Data security threats may vary in sophistication and may come in the form of ransomware or distributed denial of service (DDOS) from external actors with malicious intent


Data security threats may vary in sophistication and may come in the form of ransomware or distributed denial of service (DDOS) from external actors with malicious intent. The objective here is to make healthcare devices and infrastructure unusable by providers and patients for further use until a ransom is secured. Data security threats linked to cyber breaches generally gather more limelight. However, the majority of such threats are due to internal factors. According to a research carried out by a London based security firm Egress, 60 percent of data breaches in healthcare were attributed to human error resulting from the lack of controls and awareness among employees handling patients' confidential data.

Information Technology leaders at healthcare companies must be accountable to ensure appropriate controls is deployed around data security. Healthtech companies such as tele-medicine providers have much less complex systems compared to hospitals and diagnostic centers. COVID pandemic has forced many entities to quickly build infrastructure to support virtual care. Many have expedited the process of moving their on-premise servers to the cloud to become more agile in handling large volumes. Tele-health providers are adopting new technologies and artificial intelligence (AI) to bring more sophisticated digital capabilities to their users. These innovations are essential to meet many unmet needs however they're incomplete without an overarching approach around cyber hardening. Cyber vigilance and building those defenses must be part of innovation culture at healthcare companies as the benefits far outweigh the cost.

At SeekMed, we cater to the global patient community including from developed economies and offer best in class security measures with 100 percent data encryption, secured data storage in the cloud and with servers located in India. We've complied with global data privacy standards to meet patients' growing concerns and sensitivities around data protection. This combined with internal training and a process on securely handling confidential data has better equipped us to deal with any potential data breaches.

Healthcare is an industry where we deal with people's lives and therefore technology leaders have an obligation to remain ahead of the curve when it comes to meeting data security benchmarks that come in the form of HIPAA (US), GDPR (UK) or PIPEDA (Canada) compliance. It may take a while before the data privacy law in India (Digital Information Security in Healthcare Act - DISHA) is fully enforced to regulate the generation, collection, storage, analysis, transmission and ownership of health data. As the data security challenges keep evolving, healthcare leaders must not only invest in securing their digital infrastructures but also collaborate within the sector in identifying and adopting best practices.