Over the last two years, 90% of healthcare organizations have suffered a cyberattack.
How is an industry as enormous as healthcare still struggling with information security?
In this episode of B2B Tech Talk, RSA Solutions Marketing Expert Patrick Potter joins Keri to talk about…
"Healthcare has traditionally been more compliance-driven than risk-driven. Risk management isn't necessarily a mature discipline in healthcare. Same with security." — Patrick Potter
- Why many healthcare organizations are playing catch-up when it comes to cybersecurity
- Privacy tips for telehealth patients and providers
- What the 21st Century Cures Act entails
- The future of healthcare technology and security
Last place in the security race
Though there has been a technology boom in the healthcare space, IT security hasn’t been able to keep up. Patrick points out that there have been over 400 PHI breaches in the last two years. Why hasn’t cybersecurity become more of a priority for industry leaders?
The truth is, it has. However, with so many information silos already established, one patient’s data is hard to consolidate in one central location.
And, with the increase of telehealth, more sensitive information is being shared over the internet than ever before, with ransomware being the top vehicle for bad guys.
The 21st Century Cures Act
Even before COVID-19, legislation was passed to encourage healthcare systems to push solutions and innovation in the industry forward. This legislation is known as the 21st Century Cures Act.
The plan authorized $500 million over the course of nine years. Combined with the funding from the CARES Act, there’s a great opportunity for organizations to increase information security procedures and improve the patient experience.
Patient information sharing between health systems could be the solution to both security and better patient experiences.
Sadly, most patients don’t grasp the risk they’re taking on when being treated by a doctor. That risk is a breach of their Protected Health Information (PHI).
"When risk management becomes personal and emotional, the way you manage risk changes completely." — Patrick Potter
For now, it’s up to the patient and the provider to keep PHI private.
Tips to keep PHI private:
- Identify the potential risks
- Assess the risks
- Quantify those risks
- Treat the risks as early as possible
- Conduct telehealth from secured locations and devices
- Maintain good information security hygiene
The future of healthcare tech and security
Patrick sees healthcare technology being driven even more by patient choice. That means consolidated health records for easier access by those who need it, including the patient.
Telehealth will continue to be a viable alternative to in-person visits. Plus, automation and efficiency in healthcare will increase thanks to advanced machine learning.
Lastly, Patrick believes that third parties will play a big role in helping the healthcare space become more intuitive and secure.
A 4-Step Approach to Mitigating Cyber Attack Risk in Healthcare
Learn more about the CARES Act. For more information on RSA’s services, contact firstname.lastname@example.org
To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk
Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts, or Stitcher. Or, tune in on our website.