Securlinx, is on the ground in Chicago to take part in the International Association for Healthcare Security & Safety (IAHSS) annual conference and to demonstrate the newest version of our FaceTrac facial recognition software. We’ll be in booth #601 today and tomorrow.
IAHSS is dedicated to professionals involved in managing and directing security and safety programs in healthcare facilities.
“We discovered exposed medical systems — including those that store medical-related images, healthcare software interfaces, and even misconfigured hospital networks — which should not be viewable publicly. While a device or system being exposed does not necessarily mean that it is vulnerable, exposed devices and systems can potentially be used by cybercriminals and other threat actors to penetrate into organizations, steal data, run botnets, install ransomware, and so on. Furthermore, it shows that a massive amount of sensitive information is publicly available when they shouldn’t be.”
The article linked above and the companion Trend Micro blog post, along with the entire 61 page pdf report (available here) do a really good job of covering the range of threats confronting healthcare networks today.
The internet of things (IoT) offers so much of benefit — remote monitoring, diagnosis, collaboration, home healthcare, devices, etc. — to healthcare providers and patients that it is inconceivable that it will be abandoned. There are, however, significant privacy and health outcome risks associated with putting practically every software application, sensor, device and record within reach of the internet.
How large healthcare providers harness the IoT for better care delivery while minimizing the associated risks will go a long way toward sorting out the winners and losers in the business of healthcare.
Cyber security, identity assurance, and training are of critical importance if the promise of the healthcare IoT is to be kept for healthcare providers and patients alike.
“Using National Cancer Institute survey data, the study found that 52 percent of US citizens were offered access to an online medical record by a healthcare provider or insurer in 2017, up from 42 percent in 2014. Of those who were offered access, 53 percent viewed their records at least once in the past year.
However, of the individuals offered access to online medical record, one-quarter did not access that information because of privacy/security concerns.”
So, is it fair to imply that up to 25% more patients would access their online health record if they were more confident in the security of their access to it?
I’ve been attending HiMSS for more than 15 years (do I get an award for that?), and every year I see a few things that surprise me. That’s what keeps it interesting.
One surprise is the number of vendors who claim to have a patient identity solution when what they actually do is patient identity for one specific application, like labs or payments. They don’t provide that identity outside of their system. There’s almost no one addressing the need for a universal identity repository – a database that would handle identity authentication for multiple applications. (That’s what Securlinx offers, and that’s why we are excited about the opportunities we are seeing to help healthcare organizations.)
The other surprise is the absence of the insurance industry. The major insurers are a huge part of healthcare, involved in everything from procedures and protocols to reimbursements and record-keeping. And they see how much money is lost every year from errors and fraud. Yet hey don’t have a presence here and don’t seem to collaborate with other organizations much right now. That will change, though. Collaborating to reduce costs and improve care would be a natural focus for them, not to mention a great marketing message. Insurers are a key component in all this.
Securlinx has a presence at the Healthcare Information and Management Systems Society (HiMSS) Conference currently underway in Las Vegas.
Our own Craig Workinger (LinkedIn, Twitter) and Securlinx Healthcare Advisory Board member Tom Karson, MD (LinkedIn) have found time to report some of their observations and insights from the conference. I will share what they have to say here as their reports come in.