skip to Main Content
Healthcare IT Security – Yesterday, Today And Beyond

Healthcare IT Security – Yesterday, Today and Beyond

If we look at one definition of healthcare its meaning is the maintenance or improvement of health via the diagnosis, treatment, and prevention of disease, illness, injury, and other physical and mental impairments in human beings.

Let’s break healthcare down a little farther, the definition of health is a process of expanding consciousness that synthesizes disease and non-disease and is recognized by patterns of person-environment interaction. An understanding of pattern is fundamental to an understanding of health, and involves the movement from looking at parts to looking at the whole.

This is a perfect example of how technology can relate to healthcare and the health of a patient. We must look at technology in the sum of all parts to understand the overall healthcare technology need. Today’s technology is connected just like the human body.

Yesteryear

Healthcare has been going through the ebb and flow of change since the initial (HIPAA) Healthcare Insurance Probability Accountability Law that was enacted on April 21,1996. If we think back to 1996, the HIPAA Rule was the first introduction of Privacy and Security into the Healthcare Industry.  The focus was to modernize the flow of healthcare information, and to stipulate how Personally Identifiable Information is maintained by healthcare and healthcare insurance agencies to ensure protection from fraud and theft. More or less establishing the first framework to change the landscape of information systems in Healthcare. Have thing ever changed since 1996!

Today

We now live in a world where patients are demanding access to their specific health data and IoMT (Internet of Medical Things) are becoming mainstream in healthcare, changes that are positively impacting health outcomes of the patients we serve.

IoMT devices can range from a person’s Fitbit that submits data into a patient portal, to a home health weight scale and/or blood pressure device that gathers information to be electronically sent into an EHR (Electronic Health Record) signaling if a patient has a change of health status.

With any pivotal change such as the introduction of IoMT, there is an increased risk to the infrastructure as well as potential unauthorized access to patient data. IoMT was the hottest security topic at the most recent HIMSS Conference that took place in Orlando in mid-February. HIMSS is a gathering of over 50,000 Healthcare professional where the topic is, Healthcare IT.

CIO’s, Directors of Security, Security Analysts, and even some CEO’s were gathered around an area at the HIMSS Conference called the “Cybersecurity Command Center”.  The Command Center was a gathering place to discover cutting-edge technologies to learn how to best prepare to defend against cyber adversaries. Sessions were engaging and interactive, and aimed to increase the knowledge around today’s most critical cyber issues.

Security companies ranged from Cisco Systems, to new upcoming companies such as SecurityScorecard who’s company is three years old and aggressively selling compliance services to fortune 500 companies.

Looking Beyond

It was very clear that the tools of the past have either evolved or have been set aside due to the need of real-time threat analytics and next-generation breach detection.

Healthcare is slowly preparing for the wave of change that will impact Hospital and Clinic environments. This is due to the evolving cyber threats requiring continuous monitoring of enterprise ecosystem security to effectively sustain compliance with regulations and standards.

As supporters of Healthcare Information Technology, we must begin to change the way we introduce security services. The discussion should surround the understanding of patterns (analytics) moving from looking at parts to looking at the whole. By understanding the current state, we can educate on the advantages of new-generation solutions resulting in a reduction of the overall risk to the health system and increasing the well-being of the patients we serve.

Author: Tamara Korbel – Director, Corporate IT Security and I&AM Technical Services @ PDS