It should come as no shock to anyone reading this that security in the Healthcare industry is a huge issue. With the introduction of flashy new tech comes the burden of making sure that it is not compromised. This is by no means an isolated issue as security is paramount in a variety of other verticals but the sensitive and personal nature of the data held by Healthcare organizations means that breaches receive a lot of media attention. The question is whether it is more effective to guard against incoming attacks or proactively analyze data to prevent future breaches from being as effective.
Before I start, it's important to note that the main cause of Healthcare data breaches occur due to lost or stolen devices (68%) rather than hacking [1]. This issue will progressively worsen due to organizations embracing the mobility trend and so it is much easier (although by no means easy to start with) to protect the data held on these devices rather than the devices themselves. With this being said, a blog post about locking up your devices and keeping a firm eye on them would be pretty short and dull so I'd like to concentrate on hacking and malicious attacks.
Healthcare organizations will continue to invest in defensive measures against cyber crime but it is becoming increasingly important to invest in the analysis of these threats and the prediction of future potential breaches. This will run in parallel to the evolving technologies enabling hackers to maliciously gain access to the organizations data.
With the ever growing popularity of Big Data & Analytics, it is crucial that attacks are not treated as independent events and instead the data and information should be collected until there is a significant mass to analyze previous attacks and prepare for what's to come. This intelligence will then (hopefully) enable the user to identify when the organization is under attack a lot quicker and then respond more efficiently.
I'd like to conclude this blog post by highlighting that although security measures are evolving as are hacking techniques, the biggest variable factor is the user - whether it be due to insufficient training, snooping or a blatant disregard for protocol. There is a vicious cycle whereby as security measures become more sophisticated, they may become less user friendly, prompting users to find easier workarounds which then make the system vulnerable. In my personal opinion, organizations should invest further into training and user friendly interfaces whilst maintaining secure access to data in the background.
Best Regards,
Jonathan Cordwell
Research Analyst, Healthcare Strategy
ResearchNetwork, CSC
- HIT Consultant, 68% of Healthcare Data Breaches Due to Device Loss or Theft, Not Hacking, 11/04/2014: http://hitconsultant.net/2014/11/04/healthcare-data-breaches-device-theft-loss/
No comments:
Post a Comment