I hope healthcare organizations delivered lots of TUMS and Advil to their beleaguered cybersecurity teams as a holiday bonus in 2018 – and maybe even a masseuse! With an overload of alerts, attacks and system compromises, it’s safe to say that working in a security operations center (SOC) can take both a mental and physical toll:
From 2010 to 2017, nearly 2,150 breaches involving more than 176 million patient records were reported to the Office of Civil Rights at the U.S. Department of Health and Human Services, according to a study published by the Journal of the American Medical Association (JAMA). During this period, the total number of breaches increased every year (except for 2015), with 199 reported in 2010 and 344 reported in 2017.
Most likely, in one of the few lucid moments you have in your hectic, even chaotic schedule you contemplate healthcare’s greatest problems, its most pressing questions in need of solving, obstacles and the most important hurdles that must be overcome. And how solving these problems might alleviate many of your woes. That’s likely an overstatement. The problems are many, some of the obstacles overwhelming.
There are opportunities, of course. But opportunities often come from problems that must be solved. And, as the saying goes: For everyone you ask, you’re likely to receive a different answer. What must first be addressed? In this series (see part 2 and part 3), we ask. We also examine some of healthcare’s most pressing challenges, according to some of the sector’s most knowledgeable voices.
So, without further delay, the following are some of the problems in need of solutions. Or, in other words, some of healthcare’s greatest opportunities — healthcare’s most pressing questions, problems, hurdles, obstacles, things to overcome? How can they be best addressed?
Nick Knowlton, VP of strategic initiatives, Brightree
Throughout the healthcare ecosystem, patient-centric interoperability has historically been a huge challenge, specifically throughout post-acute care. This problem results in poor outcomes, unnecessary hospital re-admits, patients not getting the treatment they deserve, excessive cost burden and poor clinician satisfaction. This challenge can be solved through creating better standards, adapting existing interoperability approaches to meet the needs of post-acute care, implementing more scalable interoperable technologies, and involvement with national organizations, such as CommonWell Health Alliance and DirectTrust, amongst others.
Cybersecurity is one of the most pressing hurdles in the healthcare industry. The life and death nature of healthcare and the shift to electronic health records (EHR) creates an environment where hackers that successfully deploy ransomware and other cyberattacks can extort large sums of money from healthcare entities and steal highly sensitive data. To address this challenge, healthcare entities need to continue to increase their investment in cybersecurity and focus on improving their overall security posture by implementing tools and processes that will monitor all devices and assess their compliance with security policies; stop phishing attacks; keep all servers patched and current; ensure third party vendors comply with policies; and train employees on proper security hygiene.
Cyberattacks continue to expose the security vulnerabilities of healthcare institutions, keeping many industry stakeholders awake at night. This is why every organization handling protected health information (PHI) needs to build security frameworks and risk sharing into their infrastructure by implementing risk-mitigation strategies, preparedness planning, as well as meet industry standards for adhering to HIPAA requirements. Hospitals and healthcare systems must keep their focus on strategies and tactics that ensure business continuity in the event of an attack as it’s clearly not a matter of if a breach can happen but when.
The core problem for healthcare isn’t science, technology or caregiving intervention. It’s making sure that the systems of delivery and communications are thought through and actually respond to the way patients need and expect healthcare to be delivered. This means it doesn’t matter how advanced and perfected your health system may be — unless it conforms to culture — the way people think and behave — it will do nothing but confuse and frustrate patient needs, which are psychological and social, as well as physical and mental.