The Hack is Coming:
Cybersecurity and Healthcare
In a recent listicle describing
challenges common to doctors, Medical Economics laid out the usual1:
staffing issues, insurance and contract negotiations, patient satisfaction
drops, and malpractice lawsuits. However a couple stood out, things like
marketing and technology concerns. While these go hand in hand, another pressing
concern emerging from the lack of intuitive and effective technological
interfaces in healthcare is cyber-security.
It’s no secret how behind the
medical field is in adapting to the latest advancements in technology and
computing. Workflows are clunky, data storage is archaic and often times
redundant between physical and digital formats, and processes are poorly
implemented. Healthcare hasn’t kept up with the times. And how could they? The
training and schooling necessary to successfully implement these new standards
of practice are inaccessible due to time constraints and burn-out. Doctors
aren’t equipped to both be doctors and experts on technology, it’s too much.
One major burden this creates is
a lack of awareness regarding cybersecurity. The AMA reports that 83% of
physicians have been the target of a hack or cyber-attack2. There
are also few, if any government regulations regarding the level of protection
doctors must implement to protect patient information digitally. HIPAA
regulates the sharing of information, not how it’s stored or protected.
The same AMA piece cites a report
released by a government task force formed to tackle the issue:
“A June 2017 report by the congressionally
mandated Health Care Industry Cybersecurity Task Force found “health care
cybersecurity is a key public health concern that needs immediate and
aggressive attention,” and that, “most importantly, cybersecurity attacks
disrupt patient care.” The 88-page document underscores the risk to medical
care delivered in smaller settings, which are especially vulnerable to attacks
by cybercriminals.“
In response to growing concerns, the Department of Health
and Human services has put together guidelines and guidance tailored towards
physicians and their practices improving cybersecurity. More information and access
can be found here: https://405d.hhs.gov/public/navigation/home
Written by Jeremiah Ockunzzi, courtesy of Dr. Bart
Rademaker, MD.
1) https://www.medicaleconomics.com/view/top-10-challenges-facing-physicians-2020?page=6