Online hackers are in vogue. There is no longer an assumption of “if” they will strike, but when. Healthcare IT is not exempted. In fact, a string of privacy and data breaches means privacy and data protection bring big money for some and big headaches for others. The potential exposure of sensitive health data for millions of healthcare consumers is a reality.
But, let’s get serious, there is no such thing as an inexpensive hack attack. Frequent privacy breaches or threats on health data information costs organizations patient satisfaction and money, among other resources. Cyber-attacks at hospitals and other care facilities have caught the attention of everyone, least of which is Washington D.C. Congress passed the Cybersecurity Information Sharing Act late last year, as part of a massive omnibus spending bill. The document outlines policy for sharing sensitive data:
“This title requires the Director of National Intelligence (DNI) and the Departments of Homeland Security (DHS), Defense (DOD), and Justice (DOJ) to develop and promulgate procedures to promote the sharing of: (1) classified and declassified cyber threat indicators in possession of the federal government with private entities, nonfederal government agencies, or state, tribal, or local governments; (2) unclassified indicators with the public; (3) information with entities under cybersecurity threats to prevent or mitigate adverse effects; and (4) cybersecurity best practices with attention to the challenges faced by small businesses.”
In the interest of patient data protection and their bottom line, healthcare IT companies run risks by stalling upgrades or changes to weak data protection mechanisms. Fines and penalties are already in place and millions have been paid to government agencies for failures. A 2015 Peer60 survey found several trends with protecting patient data. Providers cite lack of budget as the top factor limiting their ability to properly secure and protect health information. In addition, employees’ lack of compliance with privacy and security policies remains a problem for healthcare providers, ranging from an obstacle to the biggest threat. But for all those involved, money remains a top concern: lack of budget is blamed as the top reason providers said limited their ability to protect healthcare data.
Big data and analytics are crucial to healthcare management. Going forward, will obstacles to securing patient health data spread? It seems hackers are just beginning to show their true colors. More money could be a solution, but it usually is for most things. Time will tell how long providers can pre-empt attacks to their data systems.