deepak-medlearn

In an alarming development, Indian healthcare was the second-most targeted in the world last year after the US. Cyberattacks on Indian healthcare shot up by a whopping 60% last year when compared to those in the preceding year. More than a quarter of cyber-attacks on healthcare customers taking place globally every month happened to be in India. So, even as an assortment of new-age healthcare technologies increasingly shapes the delivery of care as well as the management of the larger healthcare ecosystem today, they have also sparked concerns over cyber security. Today, whether it is telehealth and telemedicine, remote diagnostics to remote patient monitoring and virtual care, mobile health, EHRs, and EMRs, wearable technologies and cloud and data analytics, or healthcare AI and blockchain, or even healthcare edtech, each of these individually or in different combinations, would entail an element of cyber security risk. As hospitals and healthcare facilities inevitably opt for IT-based healthcare administration systems with smart hospital management, automated front office, and reception management systems, automated patient management systems, robotic surgical devices and equipment, app-based connected emergency response solutions, and smart devices, monitors, and trackers, the stakes have been raised even higher.

And even as the absence or inadequacy of cyber security tools and solutions can lead to a multitude of risks and problems, the threat to patient privacy and the breach of confidentiality of patient data is perhaps the most crucial.

Why is implementing cyber security solutions important for protecting patient privacy as well as mitigating other risks?

Patient privacy is about dignity and individual autonomy

First of all, protecting the privacy of a patient’s medical condition is critical to the natural right to a dignified and unprejudiced treatment process for a patient and his family. Personal health information falling into the wrong hands not only liable to be misused by individuals for personal social reasons, but any public disclosure of a patient’s health conditions could also come in the way of his everyday regular functioning as an individual, especially in terms of seeking matrimonial alliances, suitable jobs, and health insurance, among others. In fact, some health conditions are naturally more sensitive and are even socially stigmatizing. These would include reproductive or sexual or public health or psychiatric health concerns. Sometimes, any leak in health information can impinge on his choice of a hospital or a doctor thereby impacting his sense of individual autonomy. This need for protection of privacy is equally applicable to patients and human subjects in clinical trials.

Patient safety susceptible to compromise

Second, an ongoing cyber attack on the healthcare network of a hospital or a clinic can spell havoc on a patient’s safety and even life. By disrupting continuity of care, precious time can be lost which can not only irretrievably reverse the treatment process but even prove to be fatal for patients with serious conditions. Sometimes a ransomware attack can completely derail and jeopardize the treatment procedure with fatal results in the end. So, adopting cyber security measures will ensure the continuity of effective delivery of high-quality care by way of mitigating disruptions that can have a negative impact on clinical outcomes.

Breach of confidentiality of data has adverse financial implications for patients and family

Third, we need to remember that health information is tantamount to a lot of wealth today. It has been estimated that stolen health records may sell up to 10 times more than stolen credit card details on the dark web. Apart from getting access to personal details such as name, address, and date of birth, PAN No, debit/credit card number, CVV etc, cyber thieves can even use the insurance details to submit fake and falsified applications for insurance claims. As a matter of fact, they can commit medical identity theft pulling off a scam on the healthcare as well as health insurance system. The end result is that patients and their families may have to face grave financial implications.

Can damage a hospital’s reputation, sometimes irretrievably

Fourth, while patients are obviously impacted, hospitals also have a lot at stake. A major cyber-attack that lasts relatively long can cause irreparable damage to a hospital’s reputation. With patients turning away and switching to other facilities, it can lead to a significant loss of patient revenue and thereby financial loss over the years. Sometimes, the ransom that has to be paid in response to a ransomware attack is so enormous that it can cause irreversible financial damage to the hospital.

This can result in the extraction of patient/hospital data from medical devices and systems

Fifth, given the networked nature of medical devices, wearables, and healthcare equipment today, a cyber-attack can not only cripple their functioning but also result in the stealing of sensitive personal health information of patients stored on them. In fact, this could also include critical intellectual property, trade secrets, and practices of the hospital itself which would have spent colossal amounts of money to purchase some of these devices and equipment.

Therefore, even as the government is coming up with a charter of patient rights along with suitable privacy laws with a view to protecting patients’ privacy, for their part, hospitals and healthcare facilities in the course of digitizing their systems – both government and private – also need to urgently ramp up their cyber security tools, protocols, and systems. As such, they should be equipped to handle all conceivable types of cyber security threats prevalent today including phishing, malware, ransomware, Address Resolution Protocol or ARP attacks, and IoT attacks, among others. There must also be stringent access protocols, adequate training of staff, and continued monitoring and testing of systems within the hospitals and clinics. At the same time, it is important that cyber security courses and curricula particularly with a focus on the healthcare sector must be designed and taught to a greater number of students in the country today.

Views expressed by Deepak Sharma, Co-Founder & CEO, MedLern


Be a part of Elets Collaborative Initiatives. Join Us for Upcoming Events and explore business opportunities. Like us on Facebook , connect with us on LinkedIn and follow us on Twitter , Instagram.

Related Article


whatsapp--v1 JOIN US
whatsapp--v1