Public Access

Community storytelling.

This post was created by a member of the Public Access community. It has not been edited for accuracy or truthfulness and does not reflect the opinions of Engadget or its editors.

Editor's Picks

Image credit:

How to Avoid Privacy Issues in the Healthcare Industry

Jimmy Rohampton, @jimmyrohampton
11.01.16
4 Shares
Share
Tweet
Share
Save


Privacy is a massive issue in the healthcare industry these days. Privacy is a big issue in every facet of society. The public won't tolerate their most intimate information falling into the wrong hands. With the rise of the Internet, the healthcare industry has had to scramble to make sure they can stay ahead of cyber attackers.

This guide is going to show you how the healthcare industry can avoid damaging privacy breaches.

Limit the Number of Staff
The way healthcare used to work is that one person always saw the same doctor, unless they had to be referred to a specialist. These days a patient can see a different general practitioner every time they visit. The more people with access to data the more likely it is that certain pieces of data will be lost, misplaced, or given to the wrong people.

If only a few people have access to and are responsible for the data of one patient it naturally reduces the chances of a data breach.

Encrypt All Data on Storage Devices
Most data handled in the healthcare industry is only active for a limited period. Most of the time it will sit on some form of storage device. The reason why there have been millions of data loss incidents in the healthcare industry is because this data is simply left. It's not encrypted.

The healthcare industry needs to insist on encrypting all storage devices with the latest encryption technology. Sadly, many hospitals and clinics fail to update their encryption techniques with the times.

Create a Secure Link for Healthcare Professionals
It's amazing how many healthcare practitioners still use standard messaging apps to send information to each other. It's also not uncommon for them to use their personal smartphones to communicate. This is a massive problem because it represents an unsecure and vulnerable connection.

A better way to go about this is to use a secure app like ShareSmart, which is effectively the WhatsApp of healthcare. It's a secure clinical messaging and photo taking app for doctors and healthcare professionals. They would be able to share information on clinical cases with each other through encrypted channels.

Insist on Penetration Testing
Penetration testing is an integral part of ensuring that your security arrangements are the strongest they could possibly be. It's true that penetration testing can be expensive, but it's a check that can prevent a lot of problems later. The way it works is an outsider is brought in and told to attempt to penetrate the current security arrangements in place.

They'll be able to tell you where the vulnerabilities are. Many of these security experts were hackers themselves and have since designed to offer their skills to help others.

Make People Aware of Security
Many security flaws are not caused by a total failure of a hospital's security systems. They happen because of simple human error. Healthcare experts aren't necessarily aware of the way that data can be lost and how systems work. The healthcare industry needs to make a conscious effort to educate healthcare professionals on security.

They need to learn about how attackers are likely to breach security systems and what they can do about it. Not everyone needs to become a security expert but they need to know the basics. For example, they should be taught to regularly change their passwords and to avoid sending confidential information over unsecured connections.

Review Your Security Policies Regularly
Security is something that never ends. You will always run into new threats and there will be new solutions on the market. The healthcare industry needs to make sure that it's constantly reviewing its security policies. That means they need to conduct an audit at least a few times per year. Without those checks, security systems become outdated.

The healthcare industry is a bigger target than most, so checks must be even more stringent than they do for other types of businesses.

Conclusion – Action is Needed Now
There are literally millions of security breaches in the healthcare industry. Security experts say action is urgently needed. Until that happens patients are not going to have the confidence to submit their confidential data without worrying about it being taken by an outsider.

What do you think is the best way for the healthcare industry to change the current security crisis?

ear iconeye icontext filevr