Contact us:
040 4016 5703 099 6344 0404
Follow us:

Health care must bolster privacy, security efforts

A recent report from Australian cybersecurity consultancy CyberCX found the healthcare industry ranked second last when it comes to protecting the online privacy of its customers and users.

In an industry that deals with incredibly sensitive and personal information, such as medications, mental health history, and drug and alcohol use, the implications for a lack of privacy within the sector are severe, both at an individual and organisational level.

Privacy threats are growing in the healthcare industry, in both frequency and sophistication. Macquarie Health Corporation was hit by a cyber attack in late 2021 with thousands of patients’ highly sensitive documents leaked by hackers. Just last week Western Australia’s COVID-19 contact tracing system was deemed by the auditor-general to be riddled with privacy and security concerns, putting the personal and medical information of hundreds of thousands of citizens at risk.

During COVID-19, when significantly more medical appointments were both made and conducted online than ever before, the risk for cybercrime also increased as patients divulged personal and medical information via apps and websites. Indeed, in the final few months of 2021, more than 12 million telehealth appointments were conducted via phone and videoconference — representing 25% of all Medicare Benefits healthcare appointments.

Recent research from GBG found that in the last 12 months, two-thirds of Australians had created up to six new online accounts. It also showed Australians want faster, easier and more secure ways to verify their identity as they increase their volume of online activities.

Such a sudden digital migration meant many more channels and opportunities for hacking were opened — a payoff for the convenience of online health care that no patient should have to endure. Healthcare organisations and the industry overall must act swiftly to catch up to patients’ expectations on how their personal data is handled and stored. It will protect not only the data in question, but also the reputation of individual healthcare providers and agencies.

As the healthcare sector continues to evolve patient care through online consultations and digital appointment-making, the need for digital trust amongst patients will grow. Digital-first patient experiences are becoming increasingly mainstream in health care, and patients will demand their highly personal medical histories are kept secure and confidential.

The potential of a further decline in trust, through high-profile privacy hacks, could be that patients avoid making appointments or withold key information because they don’t trust their provider with their medical information and data. In the private sector, patients may choose to manage their health with another provider who offers a higher level of digital trust. This could lead to messy record keeping and a cohort of patients who do not properly engage with the relevant healthcare practitioners, which could in turn lead to poorer health outcomes.

Taking a preventative approach to cybersecurity in healthcare is now the only way forward. Addressing the challenge must start with understanding the varied threat landscape that exists across patient management, record keeping, and the allied health network — crucially, no one organisation or agency can counter cyber attacks on their own. It must be a collaborative effort.

Technology-based solutions that use artificial intelligence and machine learning are an essential and proactive step the healthcare sector can take in this digital climate. One such example is better identity verification — ensuring the identity of the patient on the other side of the screen is who they say they are, and not a cybercriminal. Without taking immediate precautions, the healthcare industry puts the personal data of millions of Australians at risk every day.

No Comments Yet.

Leave a reply