Protecting patient data from cybercriminals

By Tony Mira, Founder & CEO, Ajuba Solutions

Maintaining Patient Data and its confidentiality is considered to be the most sacrosanct part of healthcare diagnosis, since it is the basic medical information for better medical diagnosis and clinical treatment. Huge volumes of patient data has sadly been compromised due to issues like poor encryption and recurring malware attacks.

The cybercriminals have an upper hand in eavesdropping on sensitive patient information that leads even to death in extreme cases or majorly erroneous medical diagnosis in majority of the cases, as the technological loopholes have given way to a barrage of well tampered patient data. This is a grave threat as people’s lives are encircled in a danger zone.
Potentially sensitive data being infected with malware, can cause great harm to the entire database of stored patient information which needs to be the topmost priority to fight against unreliable and threatening sources infecting or blocking the network with falsely tampered information.

Patient’s Data: The World inside It
Medical coding for example in clinical diagnosis has revolutionized the way in which people are being treated with improved infrastructure and last mile customer delivery services. The internet penetration into our rural hinterlands is still a challenge vis-à-vis China’s global model of internet coverage. But still I am pretty optimistic that healthcare technology services will definitely be a reality for the rural Indian population in the coming days since the focus on Digital India seems to be very promising for the NextGen technological consumers.

Electronic Medical Information about the patient should have all the necessary medical details for medical reference and the major aspect of such sensitive data is its confidentiality and security that needs an overall effort in terms of administrative and technological up-gradation. Sensitive information like social security number, date of birth and details like medical ailments, futuristic predictions and present comprehensive health status are all stored in this network which has more value in the black-market in comparison with the other basic details of patients.

In the past decade, the Protected Health Information (PHI) has witnessed amazing transformation through digitization of content and digital storage. Gone are those days when patient’s medical bills and clinical diagnosis used to be recorded and stored in paper files.

Patient’s highly critical information like their physical and mental health related information forms the crux of the medical diagnosis process. The data should be easily accessible to the medical practitioners and the medical professionals, so that a well-protected database would enhance the medical treatment and its subsequent efficiency in clinical processes.

Patient Health Information ( PHI ) must be compliant to Health Insurance Portability and Accountability Act ( HIPAA ) of 1996 and Health Information Technology for Economic and Clinical Health Act ( HITECH ) which has emphasized the significance of privacy and security of medical information as well as the exchange of patient information in a well regulated ethical manner from a legal perspective . Now when the information gets leaked, it is like polluting the river with its pristine purity and sadly turning it into a toxic water body congested with unreliable material.

Medical experts and technological experts argue that the patient data has to be free from external tampering as well as sensitive information must not go into the hand of the unknown. Who is answerable when a cyber-attack happens and where the solution lies are the biggest challenges before us. In this fiercely competitive high- tech world everyday a hacker tries his or her best to find a way out into a highly complicated and well secure confidential databases.

A clarion call
Malwares enter into the system not in a traditional manner but through discs and PCs in such a form where the breach is not detected by the anti-virus software and other protective firewalls thus making it technically redundant leading to a system crashed with unreliable and corrupt content.

Past experiences have certainly sounded alarm bells as the cyber warfare happening within the secured and confidential databases are proving to be very exorbitant for the medical patient delivery services industries and hospitals.

Notable among few was a recent ransom ware attack in a Los Angeles hospital where 80 million patient data was tampered and corrupted leading to high level threat that was worked out by paying hackers 17 000 USD in order to bring back the system to normal although for a year the network was under the control of the anonymous threat.

Soon after that many such attacks followed in Kentucky and Medstar facility in and around USA that really became a nightmare mainly because serious and diabolic technological tentacles intruding into Patient Health Information leading to a severe crisis of various results like error – filled medical diagnosis, falsified list of beneficiaries for insurance claims as well as criminal breach of social security details. It is because of such grave threats that we need to immediately take punitive steps to reduce the rising intensity of this dormant volcano.

Indian start-ups like Zomato and Ola cabs etc invest in their data- security as well as removing the bugs timely. Many organizations are not serious about cyber-attacks which itself manifests into an uncertain future of data loss along with productivity, market competency, efficiency and customer satisfaction.

The Way Ahead – Big Data Analytics and Population Health Management
Stepping up vigil on issues like security of patient data and exchange of information should be a top priority as the resultant effect of this domain’s neglect and carelessness will cost the 1.8 billion dollar industry over the roof. The healthcare industry is mainly susceptible to such malware, spams, unprotected websites, infected devices and corrupted soft wares such that as per an earlier estimate in 2012, the data breaches almost cost around 2.4 million dollars per organization for a rough period of 2 years.

When the police are smart, the thieves become smarter. Hence technological defence needs periodical up gradation with smarter encryption technology, stricter malware detection against malicious contents like spams, viruses and phishing materials as well as proper training to medical professionals in handling and authenticating calls along with finally using better reliable passwords for authentication. There is a need for a periodical review by cyber-security experts wherein organizations are advised and mentored periodically to richly invest their time in malware engineering and cyber-security related challenges.

Healthcare analytics with a more value based approach must be incorporated as Big Data Analytics and Population Health Management models serve our long term purpose. PHM focusing on important and critical solutions like data warehousing measurement systems, data content systems and Organizational Deployment systems gives a clear balance between clinical and business solutions using Business Intelligence ( BI ) tools. Data analytics and applications for patient healthcare services are the major technical tools needed for this industry to be more robust and professionally dynamic.

Let us not wait for the worst to return as better preparedness against such cyber-attacks would make us more efficient and dynamic in ensuring reliable services to the patient fraternity and help the healthcare professionals with a foolproof plan from such severe devastating attacks.

One cannot wipe out this epidemic in one go but slow, calculative and smarter technical solutions will definitely ensure a more secure network of well protected database of Protected Health Information (PHI).

CybercriminalsData Securityhealthcarepatient data
Comments (0)
Add Comment