The healthcare industry is faced with the challenge of protecting patient data as it embraces more and more digital health technologies, ranging from wearables; diagnostic equipment; telemedicine tools; mobile care apps; and data-driven software platforms. While new technology can increase patient accessibility and satisfaction with their overall care, these digital tools don’t come without risks, most specifically to sensitive patient data. Healthcare information security continues to be a growing concern. An Experian report found hospital networks continue to be “a ripe target for attackers,” since data is spread over different networks, making it harder to defend than more centralized organizations.
When a credit card is stolen, the victim can close the card and dispute the charges. It is not as straightforward when it comes to patient records. Healthcare is particularly vulnerable to cyber attacks because medical identity theft remains so lucrative and relatively easy for hackers to exploit – and they continue to find markets for reselling patient data. In fact, a recent UIC article noted the average cost of a data breach to healthcare providers: “is $355, per record breached, compared to $158 per lost or stolen records in other industries.”
Knowing this, healthcare administrators and IT personnel are finding new ways to ensure the confidentiality and integrity of the data (healthcare information security) and protecting the electronic data (cybersecurity), but first, they must tackle the top three data security challenges faced in the healthcare industry.
Challenge 1: Disparate systems.
Updating a healthcare organization against a single Trojan or virus may require the manual configuration of dozens (if not hundreds) of separate systems and other network devices.
Solution: Moving to a cloud-based environment. Cloud computing is an effective strategy to reduce technology costs and redundancies, while allowing for more control and scalability. Moving the organization to one cohesive system can be done efficiently and at less cost than trying to update the current legacy systems. By moving to the cloud, healthcare organizations can outsource IT infrastructure (from storage to applications) to a virtual environment and can focus specifically on securing access to patient data.
Challenge 2: Inconsistent IT security procedures.
When a provider is using layers of legacy systems, it is difficult to enforce IT security procedures. The volume of logging and event data generated by these systems and equipment spread across the organization can be almost impossible to manage.
Solution: Implement the right mix of cloud-based tools. Using a cloud such as Microsoft Azure empowers healthcare providers with the tools necessary to create a tailored security strategy that will work well for their organization. For example, Microsoft Azure offers confidential computing, which encrypts data so only those that have approved access can view the data, while those who manage it cannot.
Challenge 3: A shortage of IT personnel.
Many healthcare providers are facing the challenge of finding the right IT Personnel that can keep up with the demands of the evolving security landscape. In fact, the 2016 HIMSS Cybersecurity Survey found 59% of healthcare provider information security leaders cite “lack of appropriate cybersecurity personnel” as a top challenge to mitigating security risks.
Solution: Turn to a solutions partner. Joining forces with a solutions partner, such as TierPoint, gives healthcare organizations the support and knowledge needed to ensure the proper systems are in place. TierPoint not only addresses the pain points, but creates the compliance, security, and accessibility strategy that will scale as the healthcare provider grows and integrates new technology.
Keeping patient data secure is not an easy task and is often done reactively after the incident occurs. The good news is that healthcare providers have an opportunity to take charge with a proactive approach to address these top three security challenges. With thoughtful planning and having the proper systems and teams in place, ensuring patient data is safe, healthcare providers can focus on deploying these digital health tools to better understand and serve their patients.
David McKenney serves as TierPoint’s Azure product evangelist and subject matter expert in customer, partner and industry influencer interactions. He oversees the strategy, product rollout and technical direction of TierPiont’s Azure line. Dave is a 15-year veteran of the industry and enjoys wearing the hat of ‘problem solver’ and jack-of-all-technical-trades.