Security and privacy in the era of Connected Health

Posted on: 23.02.2017 Tags:

Cybersecurity

eHealth Week

Health data is one of the most coveted prizes for hackers. Credit cards are no longer the stars in the black market. While bankcards value is around one dollar, Electronic Health Records (EHR) are sold from 200 to 2.000 dollars in the black market –in the US, EHR include financial details and other personal data.

The 2016 IBM Cyber Security Intelligence Index showed that healthcare was the most attacked sector, above finances and Governments. Cybersecurity specialists state that cyber-attacks reported by healthcare organisations are just the tip of the iceberg. Most medical centres are the target of cyber-attacks on a routine basis and often big amounts of sensible data are lost.

Data security in the healthcare sector is not given the importance it deserves

In the last HIMSS Europe Tweet Chat on Cybersecurity, some of the participants were complaining that hospitals and health centres do not prioritise enough the security and privacy of patients’ data. This is due to a lack of resources and because security is not given the importance it deserves.

In the Connected Health era, Governments and Health Authorities should see data security and privacy as a priority. We are talking about people’s health, one of the most private aspects of a person’s life. In the wrong hands, our health data could be used against us. For example, my employer or my banker does not have to know that I have a chronic disease or that I am a cancer survivor. It is our data and no one apart from our doctor should have access to it.

How to increase data protection?

To minimize the risk of health data being stolen or showed publicly, security specialists recommend to increase the budget dedicated to data protection. They also advocate for training healthcare workers so they have the minimum skills regarding to data security.

On the other hand, healthcare organisations should share information and best practices. The public sector could introduce security guidelines in eHealth at a National and European level. The Medtech industry can also play a role by bringing in strong security measures in their products and by collaborating closely with health organisations.

Opposed vision regarding data privacy

In another article I will approach the topic of data privacy. In healthcare we see sometimes opposed visions. While some citizens are very conservative about how they want to keep their data, patients with serious conditions are willing to share their data to help advance research. But that is another article.

Meanwhile, I recommend you not to miss any HIMSS Europe update in cybersecurity and, why not, attend the cybersecurity sessions that will take place at the eHealth Week in Malta. 

Teresa Bau

Journalist and Communications Consultant