Healthcare firms leaving "thousands of sensitive files open"
A new report on data risk in healthcare, pharmaceuticals and biotech has found that many organisations have serious security gaps exposing them to risks.
The report, by data security and analytics firm Varonis, includes data from global healthcare organisations in the UK, US, France and Germany, compiled using data analysis of 3 billion files across 57 organisations.
It revealed that overexposed data and an increased number of highly sophisticated cyber attacks have made healthcare one of the most at-risk sectors in 2021.
It also highlights the importance of how organisations manage the security gaps created by remote working and cloud migration. When companies have obvious gaps like passwords that never expire and folders containing sensitive data open to every employee, their risks increase.
Key findings from the report include:
- 2/3 of healthcare organisations have over 500 passwords that never expire
- On average, 79% of all data is stale
- Nearly 20% of files are open to every employee in healthcare organisations (on average)
- 31,000 sensitive files (HIPAA + financial + proprietary research) are open to everyone
- Over 50% of organisations have more than 1,000 sensitive files open to every employee
Smaller organisations in particular had a concerning amount of exposed data, including sensitive files, intellectual property and patient records. On their first day, new employees at small companies have instant access to over 11,000 exposed files, and nearly half of these contain sensitive data. This creates a massive attack surface and increases the risk of noncompliance in the event of a data breach; the average data breach cost $7.13 million in 2020, a 10.5% increase on the year before.
To tackle increasingly malicious cyberattacks, the report concludes that hospitals, pharmaceutical companies, and biotech firms need to double down on their incident response procedures and mitigation efforts. Restricting access, locking down sensitive data, and restricting lateral movement in their environments are the bare minimum measures they must take to protect their data.
Skin Analytics wins NHSX award for AI skin cancer tool
An artificial intelligence-driven tool that identifies skin cancers has received an award from NHSX, the NHS England and Department of Health and Social Care's initiative to bring technology into the UK's national health system.
NHSX has granted the Artificial Intelligence in Health and Care Award to DERM, an AI solution that can identify 11 types of skin lesion.
Developed by Skin Analytics, DERM analyses images of skin lesions using algorithms. Within primary care, Skin Analytics will be used as an additional tool to help doctors with their decision making.
In secondary care, it enables AI telehealth hubs to support dermatologists with triage, directing patients to the right next step. This will help speed up diagnosis, and patients with benign skin lesions can be identified earlier, redirecting them away from dermatology departments that are at full capacity due to the COVID-19 backlog.
Cancer Research has called the impact of the pandemic on cancer services "devastating", with a 42% drop in the number of people starting cancer treatment after screening.
DERM is already in use at University Hospitals Birmingham and Mid and South Essex Health & Care Partnership, where it has led to a significant reduction in unnecessary referrals to hospital.
Now NHSX have granted it the Phase 4 AI in Health and Care Award, making DERM available to clinicians across the country. Overall this award makes £140 million available over four years to accelerate the use of artificial intelligence technologies which meet the aims of the NHS Long Term Plan.
Dr Lucy Thomas, Consultant Dermatologist at Chelsea & Westminster Hospital, said: “Skin Analytics’ receipt of this award is great news for the NHS and dermatology departments. It will allow us to gather real-world data to demonstrate the benefits of AI on patient pathways and workforce challenges.
"Like many services, dermatology has severe backlogs due to the COVID-19 pandemic. This award couldn't have come at a better time to aid recovery and give us more time with the patients most in need of our help.”