No bounds

Health knows no bounds
Protecting healthcare data, securing hospital systems

Health professionals:

talk to us about your biggest challenges

Health professionals:

talk to us about breaking boundaries

Fill out our form or call us at 978-659-3500 (8 a.m. - 6 p.m. EST)
Michael McNeil

Executive Insights series

Podcast #100 Cyber security in healthcare is about teamwork

with Philips executive Michael McNeil
Michael McNeil podcast
Listen to the podcast now
Two billion personal records were stolen in the US in 2016, 100 million of which were medical records: the healthcare industry’s cyber security challenges are now well known. Host Dennis de Costa asks Michael McNeil, Head of Global Product & Security Services at Philips how all parties — industry regulators, healthcare IT leaders and manufacturers — can work together to mitigate cyber threats in healthcare.

Five tips for preventing healthcare data breaches

 

Healthcare organizations are valuable and sensitive infrastructures, but they are having to deal with ever-growing and increasingly sophisticated cyber threats.

 

The healthcare industry is challenged to maintain good cyber security because many institutions have complex, layered networks with fragmented healthcare IT systems.

 

Healthcare data is extremely valuable too. Healthcare information has all of your most sensitive data all in one place making it very popular for identity theft, billing and insurance fraud, and extortion. Unlike credit card data, which you can change and replace, you cannot change your healthcare data easily.

 

Two billion

personal records were stolen in the US in 2016,
100 million

of which were medical records.

65%

of victims of medical identity theft pay out-of-pocket costs at an average of
$13,500 per victim

A healthcare record

lost or stolen could cost as much as
$363 per record

to remediate

Sources: CNBC, Accenture, IBM X-Force Threat Intelligence Report 2016

An evolving, complex problem

 

The advent of the Internet and interconnectivity has opened up many formerly closed-loop networks within hospital systems, bringing new risks to hospitals. Legacy IT equipment and old security measures – passwords, encryption, and other abilities – may not meet the required standard for today’s IoT world.

 

Healthcare providers also face serious shortages of skilled IT professionals who can properly deal with cyber intrusions1 and every day new cyber threats emerge, varying in sophistication. The most destructive have brought whole IT systems down, compromising patient medical records and crippling a hospital’s operations.

 

The 2017 ransomware strain known as WannaCry led to more than $4 billion in damage2 and clinicians were forced to use pencil and paper to record clinical data, and attempt medical care without access to patient records.

 

Trust, collaboration the key

 

The endpoint for any discussion on healthcare cybersecurity and medical information privacy ultimately comes down to one word: trust. In an ecosystem that is composed of multiple stakeholders – industry regulators, healthcare leaders, clinicians, patients and manufacturers of health IT equipment such as Philips Healthcare – each party has a role to play.

 

An area of industry consensus is the need for continued co-ordination between healthcare providers and manufacturers to deal with security concerns. Among healthcare providers, steps are being taken to incorporate cyber security into the technology and network architecture upfront, increase investment in cyber security teams, and take a broader view of the security value chain3.

 

Through collaborating across the healthcare ecosystem, the industry can build on advances made by other critical infrastructure industries, supporting the advantages that digital connectivity will bring for patient care. “There is no one golden solution. Instead of it being a burden, we have to embrace security and privacy into our organizations,” says Michael McNeil, Head of Global Product & Security Services, Philips Healthcare. “Every one of us within this ecosystem needs to play our role in mitigating this threat.”

 

Five tips for better healthcare cybersecurity

1. Have a clear overview

Clearly understand what products and assets are in your environment.

2. Focus on legacy products

Work with technology partners on any legacy types of products and solutions that might not have the capability to be updated, patched and secured.

3. Develop best practices

Make sure that you are working with an understanding of what are best practices from an industry perspective.

4. Work with manufacturers, vendors

It is important to work on your procurement processes and understand the components within the bill of materials of the solutions you provide.

5. Partner with manufacturers, vendors

Consider involving your core vendors (e.g. in imaging informatics) in managing and mitigating your security risks by making sure their solutions meet the latest audio/video and security standards etc., this gives access to skilled security resources, leveraging experience from across the healthcare industry.

Share this page with a colleague

1 Curran & Hinde, 2016

2 Reuters, ‘More Disruptions feared from Cyber Attack’

3 KPMG, ‘Healthcare and Cyber Security: Increasing Threats Require Increased Capabilities’

Meeting the top
challenges in
health informatics

Building partnerships.
Breaking barriers.


We work in partnership with health systems to help drive innovation, support their financial and operational goals, and enable their transformation in a value-driven era. The result can be both operational excellence and more connected, predictive and personalized care delivery.

 

Let's talk

Let's talk icon

What are your biggest challenges in informatics? Whether its interoperability across your enterprise or achieving greater standardization of care, we partner with you to deeply understand your infrastructure and operations, and deliver solutions that help your transform your health system.

 

Reach out using the form below to get started.

Thông Tin Liên Hệ

* Trường này là bắt buộc
*

Chi tiết liên lạc

*
*
*

Chi tiết công ty

*
*
*
*
*

Chi tiết doanh nghiệp

Bằng cách nêu rõ lý do liên hệ của bạn, chúng tôi sẽ có thể cung cấp cho bạn một dịch vụ tốt hơn.
*
*