1. Comment
March 14, 2017updated 16 Mar 2017 4:21pm

Can healthcare better protect itself against cyber crime?

By GlobalData Technology

Security heists against hospitals considered to have robust IT network security policies in place have become the norm.

A security breach in healthcare can result in loss of life, with the downtime through cancellation of operations, and leaked confidential data a compelling argument to pay the ransom dictated.

With many organisations already struggling financially, can healthcare turn a corner?

Healthcare providers are currently working through the greatest operational reconfiguration in decades.

Looking to reduce costs, and deliver better quality care outside the four walls of the hospital, many are using IT to engage more with patients.

In tandem, more data is being exchanged between doctors, mental health, social care, pharmacists, life science, and retail, to enable patients to live more independently, and tailor drugs to their needs.

Smart devices, wearables, and tele-medicine are gaining momentum in the community, as support for connected care gathers pace.

Given the significant volume of third party data collated from disparate sources that in turn is transported across the hospital network, risk escalates.

Despite working to a digital transformation plan, many healthcare organisations still operate with ageing IT systems.

Since in too many instances little budgetary commitment has been pledged to security, they present ripe territory for cyber-criminals to harvest. Cybercrime has become sophisticated, with so-called crime-as-a-service offered across a large ecosystem.

As a largely inexperienced IT user — the digitally mature are in the minority — a typical healthcare organisation cannot tackle this challenge in isolation.

IT vendors are stepping up in support by:

  • Planning to manage cyber security as  a continuous improvement process, aligned to the evolving strategic goals of an organisation;
  • Conducting an organisational-wide audit of data assets, to eliminate silos of critical data stored outside the core network;
  • Better educating employees, who often prove to be the weakest link in the network’s security, on day-to-day best practice;
  • Ensuring that the in-house IT team  does not have to carry sole responsibility for embedding a security policy, and
  • Exploiting technology to automate patient identity management, creating a more agile service, while empowering patients to do more online.

With data sovereignty an increasingly litigious issue — think GDPR — policy imposing medical grade certification for apps, and medical devices joining the digital transformation program, providers have a lot to contend with.

With a global market currently worth some $5.6bn, the opportunity across healthcare is significant.

Topics in this article: , , ,