Organ donation and trade: hope and caution
Medical science has advanced by leaps and bounds. However, in many cases, medicines and surgeries are not enough. Sometimes, the only solution is organ transplant. Today, many people encourage organ donation. At the same time, there is a vast global network that thrives on an illegal organ trade. In such a situation, all stakeholders have to work together to make the process beneficial and humane.
Organ donation means donating one’s body tissues or organ – either during lifetime or after death, to a person who needs transplantation. Organs are removed and transplanted with the help of surgery, and is followed up by (often prolonged) post-treatment care, both for the recipient and the donor. Eyes, kidneys, cornea, heart and blood are a human body parts that have great demand.
The most preferred form of donation is of course, cadaver donation. A person may will away his body to a hospital or organ donation initiatives. Thousands of people have benefitted from cadaver donations. Only people who die from irreversible cardiopulmonary failure were once thought to be eligible for cadaver donation, but now, tissues and organs of brain-dead people can also be harvested with the consent of his family members.
The relationship between the donor and the recipient is at the heart of the organ economy. Not everyone can donate, and neither can the recipient get a transplant from anyone. Doctors first have to painstakingly determine which donor matches with which recipient. Several factors, like blood type and family health history are analysed. Based on the results, the donor is matched to the recipient and after necessary preparations, the organ is harvested and then transplanted.
In many cases, a family member, preferably a blood relative is the favoured donor. But there are other patients who do not want to have any personal acquaintance with the donor. Also, in the global perspective, there are many patients who source organs from donors living in poorer countries, and prefer that their relationship remains anonymous.
In other instances, many recipients want to know their donors personally, and if the circumstances permit, they spend quality time bonding with each other and may even interact with their families.
Several organizations, like Donate Life America and European Transplant Coordinators Association work towards facilitating transplants. Organ donation is a state regulated issue, and hence, all civil society organizations and charitable institutions have to register with their respective governments in order to carry out their activities.
Every country today closely monitors organ donation and transplantation networks. Demand for healthy organs and tissues is evergrowing. People have to often wait more than a decade to get a transplant. Organ Procurement and Transplantation Network, which is under the US department of Health Services, estimates that there are more than 114,820 people on the waiting list. Between January and April, 2012, 8987 transplants have taken place.
The huge gap in supply has led to the rise of a powerful underworld of illegal organ trade. In developing countries, poor people often sell their organs to brokers and shady entities, who pay them a pittance for their trouble. While the organ is then sold, and exported in many cases for much higher returns, the donors often go through a prolonged period of pain and agony. There is little post-harvest care available for them, and in many cases, the donors are reluctant to approach the police.
Instances are also widely reported of poor people being held against will and their organs being forcefully removed. There have been instances where authorities have busted rackets, and have even discovered ‘blood camps’, where individuals are kept in a nearly comatose state while being continuously drained of blood.
Hence, most countries have been proactive in stopping exploitation of donors. In European Union, many states follow the system of presumed consent, or ‘opt out’; wherein it is presumed that a person is willing to donate unless he says otherwise. Countries like Austria and Spain have very high donor rates, while Germany and UK, where one has to give consent for donation explicitly, donor rates are low.
However, countries like Sri Lanka and India are major global donors. While in India organ selling is legally banned, it is a lucrative trade. Not only are kidneys, corneas, blood and tissues exported from India, the country is also infamous for supplying skeletons and bones. Sri Lanka officially is entitled to supply organs to many countries, and thus, has turned into the biggest global supplier of eyes.
Many dictatorial regimes have been accused to forceful tissue and organ harvesting by human rights groups, which allege that political prisoners become involuntary donors, and often die from the experience.
Bid for transparency
The existence of the black market is often justified for the ends it serves. Going by the huge supply gap, many patients die while on the waiting list. But doctors, activists and other civil society groups have been fighting to evolve a sustainable system that will allow human organs to be used for bettering lives without demeaning human lives and exploiting donors. The most viable solution is to let donors and recipients interact with each other and the method of obtaining organs be made transparent.
How healthcare can safeguard itself against cyberthreats
One of the most fundamental lessons from the COVID crisis is that health should always be a priority. In a similar fashion to the human body that frequently fights off viruses and foreign invaders that intend to cause it harm, the sector itself is now a prime target for another type of external threat: cyberattacks.
The figures speak for themselves: between December and January this year, hospitals in the UK were at 89% capacity, with 7,000 fewer available beds than there usually are. As the pandemic increased pressure on hospitals, clinics, and research facilities to create a treatment for patients globally, it has left the sector exposed to hackers who, like a virus, have been targeting it relentlessly and evolving their tactics.
From patient records being held ransom, to fake emails claiming to originate from the UN WHO, the NHS, or vaccine centres, through to attacks on the cold supply chain to find out the secret formula of the COVID vaccine, the healthcare industry is facing constant cyberattacks and struggling to cope. This threat is unlikely to go away anytime soon – and as such, the industry needs to take a proactive, preventative stance to stay safe in a dynamic digital world.
The responsive nature of healthcare – particularly of hospitals – means that efficiency is crucial to the industry’s standard operations. To support this, the sector has been embracing technological advancements that can improve the quality of work, enabling staff to meet pressing deadlines, and enhancing patient care. For example, the industry has been digitising records and improving its ways of working through digital means over the past few years.
This shift is critical to offer high quality patient care; yet, it also means the sector has become more dependent on IT, which can come with a risk if cybersecurity processes employed are deemed as inadequate.
Without the correct security measures in place, the desired efficiency gains realised, can be easily lost in a heartbeat. Simply put, an elementary glitch in the system can have a tremendous ripple effect on many areas, from accessing patient records and conducting scans, to maintaining physical security and protecting the intellectual property of experimental treatment development.
To prevent this, healthcare organisations need to ensure they’re considering cybersecurity as part of their overall digital transformation strategy – and setting the right foundations to create a culture where safety goes hand in hand with patient care.
Before implementing cybersecurity process, healthcare organisations need to assess the potential risks they face. Depending on how much confidential data the trust has, where it is stored, who has access to it and via which means, the cybersecurity strategy and associated solutions will change.
It’s fair to say that a medical device start-up where all employees have a corporate-sanctioned laptop and access data via a VPN will have radically different needs to a large hospital with hundreds of frontline workers connecting to the hospital’s Wi-Fi using their personal device.
These requirements will pale by comparison to a global pharmaceutical giant with offices in multiple locations, a large R&D department researching new treatments for complex diseases and a fully integrated supply chain. Considering the existing setup and what the organisations is looking to achieve with its digital transformation strategy will therefore have an immediate impact on the cybersecurity strategy.
Despite this, there are fundamentals that any organisation should implement:
Review and test your back-up policy to ensure it is thorough and sufficient – By checking that the organisation’s back-up is running smoothly, IT teams can limit any risks of disruption in the midst of an incident and of losing data permanently.
In our recent State of Email Security report, we found that six out of ten organisations have been victims of ransomware in 2020. As a result, afflicted organisations have lost an average of six days to downtime. One third of organisations even admitted that they failed to get their data back, despite paying the ransom. In the healthcare industry, this could mean losing valuable patient records or data related to new treatments – two areas the sector cannot afford to be cavalier about.
Conduct due diligence across the organisation’s supply chain – Healthcare organisations should review their ways of working with partners, providers and regulatory institutions they work with in order to prevent any weak link in their cybersecurity chain. Without this due diligence, organisations leave themselves exposed to the risks of third party-led incidents.
Roll out mandatory cybersecurity awareness training - Healthcare organisations shouldn’t neglect the training and awareness of their entire staff – including frontline workers who may not access the corporate network on a regular basis. According to our State of Email Security report, only one fifth of organisations carry out ongoing cyber awareness training.
This suggests it is not widely considered as a fundamental part of most organisations cyber-resilience strategy, despite the fact many employees rely on their organisation’s corporate network to work. By providing systematic training, healthcare organisations can help workers at all levels better understand the current cyberthreats they face, how they could impact their organisation, the role they play in defending the networks, and develop consistent, good cybersecurity hygiene habits to limit the risks of incidents.
Consider a degree of separation – Information and Operational Technology (IT and OT) networks should be separated.
Although mutually supported and reliance on each other, employees shouldn’t be accessing one via the other. This should be complemented by a considered tried and tested contingency and resiliency plan that allows crucial services to function unabated should there be a compromise. Similarly, admin terminals should not have internet access to afford a degree of hardening and protection for these critical accounts.
As the sector becomes a common target for fraudulent and malicious activity, putting cybersecurity at the core of the organisation’s operations is critical. It will help limit the risks of disruption due to cyberattacks, reduce time spent by the cybersecurity team to resolve easily avoidable errors, and ensure that institutions can deliver patient care, safe in the knowledge that their networks are safe.
Fighting future threats
With technology continuing to change the face of healthcare, the surface area and vectors available for attacks by malicious actors is constantly increasing. With the introduction of apps, networked monitoring devices, and a need for communication, the attack vector is ever expanding, a trend that needs to be monitored and secured against.
To prevent any damage to patients, staff, or the organisation they are responsible for, healthcare leaders must put security front and centre of their digital transformation strategy. Only then can the sector harness the full benefits of technology. Doing this should include implementing cybersecurity awareness training to challenge misconceptions around security, encourage conversation, and to ensure employee knowledge of the security basics and threats faced.
This ultimately allows healthcare organisations to do what they do best: provide the highest standard of patient care, safe in the knowledge that their operations, patients, and data are safe.