Skip to main content

The Future of Healthcare IT Will Pose Risks

Healthcare providers were constantly under the gun when it came to the safe deployment of new technologies throughout the past several years, and it would be hard to argue that the sector at large has been highly successful in these endeavors.


This is not to underplay the extreme efforts and wealth of victories that took place since the early 2000s, but the constant stream of news regarding data breaches makes it clear that privacy and security have not been on point.

Last year, despite the fact that several retailers experienced some of the largest data breaches in history, experts and analysts argued that health care was indeed the most at risk of falling victim to these events. Whereas major incidents do indeed take up the headlines, they do not tell the whole story about security, as smaller ones can add up to be just as damaging - if not more so - before long.

This has been a theme in the medical community, as the vast majority of breaches have been on a much smaller scale, impacting many health care providers in the past few years and continuing to gain in intensity. One of the reasons behind this trend is that hackers tend to focus on picking the low-hanging fruit, meaning cybercriminals are far more likely to target a smaller healthcare provider with fewer controls and protections than a massive establishment that has a strong IT security team in place.

As such, email encryption, secure cloud services and other relatively straightforward defenses should be fortified among all medical firms as soon as possible, as a data breach or failed regulatory compliance audit can be devastating both financially and operationally. With a recent Ponemon Institute study finding that cyberattacks targeted at health care providers increased by 125 percent in the past year, the time to act is now.

Additionally, new trends are likely to present even more significant challenges in the coming years, including the Internet of Things, and preparations must be made to capitalize on such advancements rather than take on excessive risk.

The IoT conundrum
Healthcare IT News recently argued that medical firms should be approaching the IoT from a serious security angle, ensuring that every new device is protected against threats as proactively as possible. Many of the more common best practices along with data and system security in general will be applicable to the IoT, and firms need to ensure that they are getting the basics down before building the strategy out and allowing more devices to enter the infrastructure.

According to the news provider, access management and authorization might be the two most important controls in this conversation, as well as the most difficult, with so many more endpoints coming into the equation. However, ironing out current plans and deploying newer tools to ensure that only authorized users can access patient information through their devices will help to reduce the risk of exposure.

The source argued that the devices being selected should also be evaluated with a fine-toothed comb, as certain ones will simply not be easily protected per the ways in which they were developed. Being selective and keeping the number and diversity of devices as low as possible will inherently give the IT department a greater advantage from a security standpoint, and could even help to boost the user experience over time.

More devices does not always translate to better performances - always weigh quality over quantity. Finally, Healthcare IT News noted that encryption for data stored on and accessed by devices should be a priority, while training employees in the best practices of secure use will reduce the risks involved in negligence, poor awareness and error.

Threat rising
Now, it might be helpful to understand the reasons behind the exponential growth in data breaches among health care providers, as knowledge always equates to power in the security arena. CNBC recently explained that the IoT has brought to light some of the types of data hackers appear to be targeting most aggressively today, especially as so many wearable devices and apps therein are already tracking and recording health information.

The news provider suggested that medical data is about 10 to 20 times more valuable on the black market than credit card information, which is why cybercriminals have started pursuing firms in the health care industry at greater frequencies. Add to that some of the arguments above regarding the rapid deployment of new technologies and the widespread lack of adequate controls to protect them and it should be clear why these events are so common in health care.

Remember, some of the simplest improvements to security will be the most effective, including employee training, email encryption and secure cloud services. Additionally, keep in mind that the cost of instituting these protections will almost always be lower than the damages of a breach.

 

-=Good Selling=-

Add Comment

Comments (0)

Post
×
×
×
×
Link copied to your clipboard.
×
×