Top Healthcare Concerns for 2016: Technology and Cybersecurity, According to PwC Report
By Doug Pollack - Article on January 05, 2016
- Cyber Security
- Data Breach Notification
- Data Privacy
- Incident Response
Emerging technology—and the accompanying cybersecurity concerns—will be critical issues for the healthcare industry in 2016, according to PricewaterhouseCooper’s just-released top health industry issues. Produced by the PwC Health Research Institute, this annual report highlights the top 10 forces that are likely to have the biggest impact on the industry in the coming year.
Financial issues such as consolidation of insurers and other healthcare players and drug pricing top the list, but coming in third is what PwC terms “care in the palm of your hand.” This alludes to the growing use of handheld medicine by consumers to cut costs, increase access, and provide “anywhere, anytime” monitoring, diagnosis, and treatment. Connected otoscopes, activity trackers, scales, health apps, and on-demand e-visits are available directly to consumers to aid in primary care and chronic disease management. Protecting patient and consumer privacy is critical, but in an era of rapid innovation, security is often an afterthought.
Perhaps it’s no coincidence, then, that the cybersecurity of medical devices is the next (fourth) big issue in the PwC report, which cites a startling statistic: Internet-connected healthcare products will be worth an estimated $285 billion by 2020. Indeed, the Internet of Things (IoT), in general and in healthcare in particular, presents a very large front in the battle against cyber crime. In February, just after the massive Anthem data breach, security experts said 2015 could be the “year of the healthcare hack,” and it was. And a Ponemon Institute study found that criminal attacks are now the leading cause of data breaches in healthcare.) With the explosion of web-enabled medical devices, there’s good reason to suppose this trend will only continue.
The next three issues in the PwC report center on healthcare consumerism (making healthcare spending a consumer experience), giving higher priority to behavioral health issues, and reducing healthcare costs through community-based healthcare. What particularly intrigues me, however, is issue eight, the use of high-tech databases to provide greater insight into patient health. Electronic health records (EHR) systems organize data into tables, columns, and rows, which makes unfeasible the use of clinician notes, transcripts, and other unstructured data. New, non-relational databases eliminate this rigidity, so healthcare providers and others can better treat patients, cut costs, and avoid mistakes.
Here, as with medical devices, patient privacy and security are of concern. As the HRI report points out, it will be critical to educate patients about data sharing and the use of health information to improve care. According to PwC, 83 percent of consumers are willing to share data to improve their own health care, and 73 percent are willing to share data to help in diagnosing and treating others. Increased access to patient information, however, increases risk of exposure. As we have outlined, the downside of medical data everywhere is that medical data is everywhere; and presents a huge attack surface for cyber thieves.
Staying Ahead of the Threat
While no organization can stop every possible attack, neither can any organization afford to ignore the threats posed by the increasing exposure of medical data in new places and on new devices. Whether the risk is from a medical device or a high-tech database or anything in between, each vulnerability needs to be figured into an organization’s risk profile and addressed.
For more expert insights into what 2016 will bring, read Experts Predict Security and Privacy Trends for 2016 and Top Six Privacy and Compliance Predictions for 2016.