What’s Missing in Securing the Healthcare Environment?

(Big-DataForum.com) – According to recent reports, the number of patient record breaches in June 2016 topped 11 million. Not only is the number mindboggling, it shines a bright light on the existing level of vulnerability within the industry.

The problem is that the security infrastructure is simply inadequate in too many healthcare settings, explains Chi Networks CEO Sanjiv Bawa “Many devices including remotely-accessible, cyber-physical blood pressure monitors, x-ray machines, and IV Pumps are hopelessly insecure. And unfortunately, they provide an open door to the entire hospital network,” he says. “The major problem is security from the inside. There was a time when hospitals could safely assume that if a request originates from inside the hospital, it’s legitimate. Today, this assumption gives attackers the foot in the door they need in order to access and attack an entire system.”

The mistake most people make when attempting to build a comprehensive cyber security program is losing focus on what can really make a difference, explains Reclamere CEO Angie Singer Keating. “When evaluating a risk, people tend to hone in on the what if scenarios rather than working toward a viable solution,” she says. As an example, most healthcare systems are in far greater danger of insider threat than external hackers. “Hacking is always a possibility, but personnel with poor training, more access than they require, and a lack of safeguards in place, provide a greater risk,” she says. “These are also areas that can be easily mitigated and provide almost immediate benefits as the foundation of a stronger cyber-security program.”

The question is what role can big data help in solving the issue? While much of the data utilized in healthcare today plays a role in predictive healthcare analytics – i.e. preventing a heart attack – the opportunity exists to use data analytics as part of the solution as well. We talked about exactly how big data can help here and here.

According to Singer Keating, big data analytic tools could prove beneficial to large healthcare systems if the data can be properly analyzed to provide a protection strategy that is tailored to the institution. “Focus needs to be on HIPAA regulations and the standards provided therein to adequately protect electronic protected health information (ePHI) as an integral part of a cyber security program,” she says.

Are you using big data as part of your security strategy?

For more information on Reclamere’s Data Security Services, contact us.