Healthcare is a Major Target for Cybercriminals
The internet of things has transformed the healthcare sector, allowing practitioners to easily share information and deliver personalised treatments. Yet many experts in the security industry believe that of all the industries facing serious cyber threats, healthcare is possibly the most at risk. That’s because relatively speaking, healthcare organisations are still behind when it comes to security defences.
It’s also well-documented that external attackers have set their sights on protected health information (PHI). The value of medical records on the black market is at least 10x higher than credit card data. Why? PHI contains more personal data points and cannot just be reissued in the event of a problem. Bank account details and passwords can be changed following a breach; but information about allergies, disabilities, mental health or hereditary conditions, can’t. So, securing this data and a healthcare institution from these calculated threats should be a top priority.
The nature of healthcare, requires that organisations within this sector keep highly sensitive patient data on file. Doctors need to have this information to make informed decisions about patients, and the ability to easily share this information within a healthcare network, has resulted in significant advancements in the way patients are treated. Personal and medical details are also used by staff who handle post care activities, from post-op follow-up to billing. This reduces the admin involved and makes it a far more efficient experience for patients.
However, housing this kind of personal information poses a severe risk. Without the right security in place, this data is left exposed to external threats, as malicious actors use targeted threats to infiltrate networks. But when you’re dealing with something as important as people’s lives, it’s not enough to only have security in place, the continuity of services is vital. Take the WannaCry ransomware outbreak earlier this year for example, where entire hospitals in the UK were shut down.
Healthcare institutions therefore need to have a cyber resilience strategy in place. This will help them defend against threats such as ransomware, allow continuous access to critical applications and information during an attack and provide the ability to recover data to the last known workable state, after a threat is neutralised.
- Tenet Healthcare looks at the potential sale of its Conifer division
- Cigna acquires Brighter Inc to further its digital transformation
- Curisium receives $3.5mn to advance its healthcare blockchain platform
But it even goes beyond external threats. Equally important is making sure the organisation is insulated from mistakes by both well-meaning employees and malicious insiders. Busy staff members are bound to make mistakes regarding PHI. With the ubiquity of email, it’s not uncommon to find a breach where employees accidentally (or carelessly) attached a spreadsheet or document containing PHI. A mistake like this could result in personal harm or defamation and will have severe implications for healthcare professionals in countries that have data protection laws in place.
To prevent brand damage, fines, and audits, healthcare organisations must actively seek to identify and prevent PHI from leaving the organisation without the proper safeguards in place. However, this can be a monumental task without the right technology. For email, Mimecast recently introduced data loss prevention (DLP) capabilities that can help address this challenge. Healthcare organisations can scan, identify and take action on emails containing PHI. These actions include holding the message for review, encrypting the content, applying secure messaging between parties, converting the files and more. As part of the service, Mimecast can notify the sender, recipient, and administrator of a message flagged as containing PHI.
Ensuring that PHI does not leave the organisation without the proper encryption and safeguards is just as essential as securing against external attackers. Healthcare is the only industry where employees are the predominant threat of a breach.
The healthcare sector is at major risk. The time is now for them to rethink cyber security and implement strategies that make them resilient and prepared for both internal and external threats.
Birdie aims to reinvent elderly care with tech
British startup Birdie has announced it has raised £8.2 million to invest in innovation and scale up the business.
The company's announcement is timely as it follows the criticism of the UK government over their lack of a plan for social care, despite acknowledging the sector is in crisis - around a quarter of the UK's home care providers are on the brink of bankruptcy due to a lack of funds and staffing.
Birdie was born with a mission to "radically improve the lives of millions of older adults", by using app-based solutions, IoT and machine learning to put preventative care at the forefront. The company was founded by Max Parmentier, after experiencing his own frustrations with the care system - his grandfather struggled with the impact of life in a care home, but lacked any other option.
In 2017 Parmentier partnered with venture builder Kamet Ventures to set up Birdie, in a bid to fix this problem. Since then, Birdie has partnered with almost 500 providers across the UK, and supports more than 20,000 older people every week. In the past 12 months alone the number of people Birdie supports has got six times greater.
Birdie’s solution is an app to help care providers deliver more coordinated, personalised and preventative care, by giving them access to digital assessments, medication scheduling and planning tools. By using digital tools to take care of admin, staff have more time to spend with their care recipients.
The new investment will be used to fund Birdie’s next phase of growth in the UK, as the company scales to meet the rapidly growing demand of the aging population. The company will also invest in product innovation, creating new features to address customer requests.
In addition, Birdie is piloting new care models, including partnering with the NHS to identify COVID-19 symptoms, building predictive pharmacy models with AI, and helping health authorities to detect early warning signs of patients’ health risks.
Internally, Birdie is committed to having a progressive company ethos. All salaries are transparent, and staff work asynchronously to maximise flexibility and equity. Staff members also volunteer in their local community during office hours, and the company offsets all its emissions.
These efforts have led to numerous awards, including having the best SME culture in the UK, an Honorable Mention in the Health category of Fast Company’s 2021 World Changing Ideas Awards, and innovation in care at the LangBuisson awards.
“We believe the future of care for older people should be helping them to live at home for as long as possible through the delivery of personalised and preventative care" Parmentier said.
"Birdie is already the partner of choice for caregivers up and down the UK, and this new funding will help us rapidly increase the number we partner with and what we can offer them - meaning more people benefiting from more affordable, quality care. We’re proud of our mission and the values we embody to pursue it.”