No one knows you better than you do. But thanks to technology advances and the continued digitization of healthcare data accumulation and sharing processes, we can also honestly say the same about your healthcare provider.
Indeed, every time we get in touch with a health professional, data is recorded (either on paper or electronically), entered into a computer, and then stored in a massive database for record-keeping, analysis, and retrieval.
This digital warehouse of electronic health records (EHR), which contain medical history, diagnoses, and medications (including billing data, insurance, and other personally identifiable information), is what cybercriminals are after. For healthcare facilities in the business of research, intellectual property is their primary asset at risk. Such a trove in the wrong hands could mean nothing good.
A horripilation of dread
Dismally, where healthcare excels in medical breakthroughs and advances in therapy, it lacks in cybersecurity preparedness and adoption of privacy practices. Studies from independent organizations consistently reveal that the continuous use of legacy systems—those outdated programs and computers running Windows XP—scarce resources allocated for cybersecurity, and an apparent shortage of IT professionals top the list of problems the healthcare industry faces. And this is just the tip of the iceberg.
Technological advancements that make reviewing, sharing, and storing digital information possible present other significant challenges that need addressing. They include:
- The easy accessibility of patient records
- The automation of clinical systems (e.g. the ordering of prescription medicine for patients)
- The introduction of external media or third-party devices to the hospital network
- The emergence of mobile health apps
- The increasing adoption of BYOD
- The overall lack of awareness of risks to patient health data among hospital and clinic staff
Below, we take a look at the cybersecurity risks that each of these challenges present.
Easy accessibility of patient records
Public-facing healthcare facilities like hospitals and clinics have embraced the move from paper records to digital records. In so doing, they gather and store patient data into databases open to anyone with access to them, whether it be a doctor 20 miles from the building or a nurse at the reception desk.
The digitization of patient health records also made the process of sharing information across multiple healthcare facilities easier. Patients, too, are given access to their health records. Because of this, the likelihood of exposure to threats increases.
All that storing, retrieving, and sharing leaves
To read the original article:
https://blog.malwarebytes.com/101/2018/02/physician-protect-thyself-healthcare-cybersecurity-circling-the-drain/