Physicians and clinicians must demand global security standards.
Data play a critical role in healthcare relationships — whether that’s between patient and doctor, doctor and device or device and patient. Technology advancement and innovation have shifted the center of who is in charge of a patient’s healthcare. Instead of the doctor acting as the sole decision maker for a patient’s care plan, a broader consumer model has emerged in which the medical record is becoming democratized. As a result, patients and doctors are now partners in the management of care.
Stanford University School of Medicine’s annual Health Trends Report attributed this to the volume and rate at which data are being exchanged between individuals and organizations. Last year alone, the industry witnessed both technological and regulatory improvements (such as through the Global Medical Device Nomenclature) to accommodate patient data collection on medical devices that are supplied to hospitals. Providers are also being encouraged to create a more seamless experience for patients, driven by new technologies that are shifting the healthcare landscape.
This is an incredibly exciting time for the industry at large because digital transformation will undoubtedly reduce costs, empower providers and improve patient outcomes. However, these advancements present a major challenge: the burden of securing the leading edge. To date, the industry has not been able to keep up with the pace of innovation — from insecure legacy systems to hacked devices and massive breaches of patient records.
There are five disruptive trends that pose the greatest cybersecurity risks for healthcare organizations:
There are clearly enormous security challenges associated with the amount of data and information that the industry will rely on as these five core technologies continue to progress.
There’s no doubt that communicating beyond the boundaries of hospital walls is the future. As a result, a new perioperative loop is emerging — one that includes medical device manufacturers, electronic health records services, hospitals, doctors and patients. Connected healthcare works only if it’s secured at every point in the ecosystem.
How do hospitals protect the digital identity of every patient at every point — from data to device — while embracing the changes that are critical to disrupting old processes and improving performance and results? The U.S. Food and Drug Administration recently released guidelines on medical device security as a framework for healthcare providers to plan for and remediate threats. The guidance is primarily focused on how to respond to attacks once they’ve occurred. Buts there’s also opportunity to outline sensible actions that can help prevent these same attacks before they happen.
Providers need to be the loudest voice in the demand for industry-wide security standards and best practices because they incur the greatest risk. This goes far beyond what has been issued by the FDA. These guidelines should be developed in the trenches with input from doctors, administrators and IT, in direct collaboration with solutions providers. And patient safety should remain front and center as strategies are built.
There are tremendous constraints when trying to weave disparate technologies into a secure connected system, but the healthcare ecosystem must face the challenges head-on. Hospitals shouldn’t have to scramble to implement security after deployment. Tomorrow’s healthcare leaders will be those who make improved patient well-being and data security a reality throughout a patient’s entire perioperative experience.
Kevin von Keyserling is CEO and co-founder of Keyfactor.