Many people are familiar with the unfortunate prospect of having their bank account or credit card hacked. Increasingly, the field of healthcare IT must deal with similar cybersecurity threats. In 2017 alone, the U.S. Health & Human Services Department has reported 79 security breaches affecting at least 500 patients. The industry must continue to seek and develop secure IT solutions in order to combat these looming threats.
The healthcare industry has unique challenges when it comes to cybersecurity. Unlike financial information, which is largely kept private between the bank and the individual, healthcare data must be shareable with doctors and providers in order to save lives. The healthcare industry is also relatively late to the game when it comes to electronic data when compared to the financial and retail sectors.
Only with the passage of the Affordable Care Act in 2010 did electronic records become mandatory. The field has also had issues with qualified IT professionals being provided with subpar software, compared with other industries where tech people have more of a say in what systems they use.
Not only are medical records and billing information open to hacking, but potentially medical devices as well. In 2013, former Vice President Dick Cheney revealed that his heart implant had to be cut off from receiving wireless signals in order to remove the threat of an assassination attempt. The company Johnson & Johnson has also expressed concerns about the security of its insulin pumps. Complicating the problem is the fact that many medical devices are not allowed to be managed remotely, meaning that IT professionals cannot detects threats and update security in a timely manner.
These challenges should not be seen as a cause for alarm, but as a call to action. Healthcare IT professionals must be taken seriously and allowed to do their job as effectively as possible in order to secure the life and identity of the patient. Outdated equipment and software, a common problem in the field, must be effectively replaced with improved solutions. Since a person will likely use a medical device much longer than a personal computer or phone, it is important to get access to security right from the beginning. In an era of increasingly sophisticated attacks, hospitals and other medical facilities must make IT a top priority.