Equal Importance of both Cybersecurity Efforts and Patient Care

Equal Importance of both Cybersecurity Efforts and Patient Care

By Sara Jost, Global Healthcare Industry Lead, Blackberry

Sara Jost, Global Healthcare Industry Lead, Blackberry

As the Internet of Things (IoT) gains traction with smart city projects underway in Singapore, healthcare operators are recognizing the serious need for securing patient data records and connected devices. In fact, truly digital patient care may be impossible without strong cybersecurity efforts behind it. Cybersecurity issues are one of the factors undermining the digital revolution of healthcare to truly drive towards precision medicine, collaborative care, and patient engagement.

The recent WannaCry and Petya ransomware attacks are a true testament to the current times we live in and have once again brought cybersecurity in critical sectors to our attention. If hackers manage to lock and/or encrypt the health record of a patient needing immediate healthcare attention, the patient’s life may be in danger. In addition, complications created during the cybersecurity attack can last for an extended period of time, even after the cybersecurity incident has been dealt with.

The growth in ransomware attacks worldwide and widespread impact should mean Singapore is thinking very hard about the health of its own cybersecurity network in its ‘Smart City’ future, especially for critical systems like transport and healthcare. Securing the network and medical devices therefore is becoming a top priority for the healthcare industry.

Rise of Internet of Healthcare Things

IoT has revolutionized businesses across various sectors, including the healthcare industry. According to a report published by Deloitte, wider adoption of Technology Enabled Care (TEC)— where healthcare practitioners can undertake e-visits, write e-prescriptions, diagnose, and deliver treatment via remote digital monitoring— can result in direct cost savings and enhanced patient care. Hospitals in Singapore have also started to use connected devices, and are looking at introducing technology that can help doctors, nurses, and patients receive medical advice and help when needed. For example, the team at Singapore’s Integrated Health Information Systems (IHiS) has been introducing wearables that can allow the doctor to see the patient demographics, x-rays, lab results, and other such patient information.

While all connected devices from pacemakers, insulin pumps and x-ray machines have significant benefits, they also run a significant risk of being attacked.

For example, St. Jude Medical’s implantable cardiac devices were in fact found to be vulnerable to cybersecurity intrusions and exploits, as confirmed by the US Food & Drug Administration (FDA) earlier this year.

Protecting Patient Records

Chief Executive Officer of IHiS, Bruce Liang, announced in late May that the government will be making it easier for any doctor to see a patient’s medical history and treatments. Besides storing information in a vast electronic database, patients can better understand and manage their health themselves. These initiatives are linked to Singapore’s wider vision of fostering innovative and integrated care models across the healthcare sector and using big data to develop evidence-based public health policies.

This is a bold move, and IHiS recognizes that technological advancements also bring with them risk: the threat of patient records and other sensitive data making its way into the wrong hands. According to the U.S. Department of Health and Human Services’ Office for Civil Rights, one in every two Americans were affected by this last year due to a data breach in healthcare. Furthermore, cyber liability insurers raised their premiums threefold for healthcare providers as this has been the most attacked industry two years running, surpassing the financial sector.

Operators therefore need to acknowledge that the data is as important as their patients and take the necessary measures to mitigate risk. Given the reliance on connected healthcare devices and the data they provide, protecting this information and the devices that monitor and treat are in-line with protecting patient lives.

Securing Medical Devices and the Network

Dr Yaacob Ibrahim, Minister for Communications and Information in Singapore, urges citizens to recognize that cyber security is everyone’s responsibility –among organizations and individuals alike. Here are some steps that healthcare professionals can take.

Hospitals should ensure that all staff use secure communications tools when texting, making or taking phone calls, or collaborating with staff or patients and even insist on multi-factor authentication on all their devices. Secondly, healthcare organizers should educate staff how to identify and avoid phishing scams, ransomware attacks, and other email-based threats. Thirdly, healthcare workers should understand how using the healthcare organization’s approved applications (that have been security tested) supports data security. Fourthly, healthcare organizations should also put email solutions, collaboration tools, and other critical apps in ‘containers’ to protect sensitive content. Laptops and desktop PCs, tablets and smartphones, wearables, and IoT devices can be protected with unified endpoint management solutions. Last but not the least, healthcare organizations should have a standard which includes a holistic representation of best-practice medical device security, developed with input from a variety of industry experts, including university researchers and cybersecurity firms to nurses and medical manufacturers.

It can be said that technology gives healthcare providers a way to efficiently deliver the best quality medical services, but they have to develop a strong security framework to ensure the smooth functioning of their business without compromising on patient care. The healthcare industry, like other enterprises, should safeguard critical information the same way it safeguards a patient’s wellbeing. With its vision for a ‘Smart Nation’– this should be a priority for the Singapore government, businesses, and community to ensure a safer, connected future.

Weekly Brief

Read Also

Response to an MRNA Vaccine against SARS-CoV-2-Preliminary Report

Response to an MRNA Vaccine against SARS-CoV-2-Preliminary Report

Morgan Jayne, MD, Div. of Quality and Safety, Clinical Director/Covid Task Force, Piedmont Healthcare, Inc., Atlanta, GA Cooke David, MD, Section of General Thoracic Surgery, University of California, Davis Health, Sacramento, CA; Kpodonu Jacques, MD, Div. of Cardiothoracic Surgery, Beth Israel Medical Center/Harvard Medical School, Boston, MA
A New Era of Neurosurgery

A New Era of Neurosurgery

Dave Rosa, president and CEO, NeuroOne
How Palomar Health Took the Online Route to Prepare Patients and Caregivers for Surgeries in the Wake of the Pandemic

How Palomar Health Took the Online Route to Prepare Patients and...

Brian Cohen, MHA, Director of Orthopedic and Spine Services, Palomar Health
Leveraging Rideshare Technology to Drive Ambulatory Strategy

Leveraging Rideshare Technology to Drive Ambulatory Strategy

Matt Manning, MD, FASTRO, Chief of Oncology, Cone Health
Novel Dynamics in the Oncology Landscape

Novel Dynamics in the Oncology Landscape

Bret Schipper, Chief of Surgical Oncology and Director of Oncologic Surgery, Hartford Hospital
Digital transformation in the patient experience: A win for patients and care teams

Digital transformation in the patient experience: A win for...

Yogish Suvarna, Chief Information Officer, Aspen Dental Management, Inc.