Healthcare security should start with identity
Despite millions of dollars in potential fines, declining reputation and lost productivity, security spending in most hospitals still averages less than 4% of their total IT budgets. That’s according an article by Healthcare Informatics, which consisted of data gathered by KLAS Research and CHIME. The same report further outlined the state of provider preparedness when it comes to protecting sensitive health data.
Merely 16% of surveyed organisations reported having “fully functional” security programs. While another 43% admitted to either not having a security program or still developing one. Furthermore, only four out of 10 organisations have a vice president or C-level official in charge of cybersecurity. And finally, less than two thirds said security is discussed quarterly at board meetings.
These numbers suggest most providers still have a long way to go when it comes to addressing the reality of cyber security in 2017. That said, where should you start and where will you get the most bang for your buck? The answer is to start with identity where there are significant business benefits.
While news headlines are focused on unwanted intrusions by outsiders, it is important to remember approximately half of all healthcare data breaches in 2016 were attributed to insiders, whether due to malicious intent or by accident. And who are the insiders? They are clinical and operational employees, contractors, vendors and partners—all of whom require access to your data as part of their regular workflow.
- Ottawa Hospital: Transforming health care from the inside out
- MyHealth Centre: Quality patient experience
- Apollo Hospitals: Personalizing healthcare with technology
By placing identity at the centre of a hospital’s or health system’s cybersecurity program, you gain complete visibility and control over who has access to critical applications and data, including the EHR system. When done properly, managing access will strike a perfect balance between the need for strong security and the need for streamlined clinical and operational workflow. Ultimately, this enables providers to focus on what they do best—delivering patient care.
Molina Healthcare, for instance, has 20,000+ employees and a complex hybrid-IT environment with applications running in the data centre and in the cloud. Aligning security efforts around identity enabled them to implement a self-service access request process, which streamlined IT processes and reduced business-user frustration by speeding delivery of access to applications and data. Furthermore, because claims processing is a large part of Molina’s business, speeding up this process has provided great value to the organisation. Finally, because identity became a central focus, IT gained visibility into who has access to what data, and the ability to ensure users have the right access to the right data at the right time.
For healthcare providers, Molina serves as a great example of how identity governance and access management not only helps providers secure sensitive health data, it streamlines clinical and operational workflows.
Zoom enters the healthcare market - a timeline
Since the pandemic began Zoom has become an integral part of daily life for people working from home, as well as a vital tool for families and friends to communicate. However it's also been eyeing up the healthcare space since 2017, and following the boom in telehealth the company has been rolling out additional services. Here we chart Zoom's move into healthcare.
2011 - 2013
Zoom is founded in San Jose, California, by Eric Yuan, formerly of Cisco. He got the idea to create a video calling platform from his visits to his girlfriend while he was a student, which would take 10 hours by train.
A beta version is released in 2012, which can host up to 15 participants. In 2013 this rises to 25. By mid-2013, Zoom has 1 million users.
2014 - 2017
Zoom attracts investors, including Sequoia Capital, Emergence and Horizon Ventures. By January 2017, Zoom has a series D funding worth $100 million.
2017 - 2019
Zoom for Telehealth launches, including an integration with EHR system Epic. It has cloud-based video, audio, and content sharing features, a "waiting room" for patients, and can easily be integrated into healthcare provider's workflows.
In 2019 Zoom goes public, with its IPO rising 72% in one day.
As a result of the pandemic, Zoom gains 2.2 million new users, more than in the whole of 2019. On the 23rd of March alone - the day the UK lockdown was announced - the platform was downloaded 2.13 million times around the world.
Share prices rise to around $150, and founder and chief executive Eric Yuan becomes one of the world's richest people, with an estimated net worth of $7.9 billion.
Early security issues are addressed by encrypting data with the Advanced Encryption Standard (AES). By now the the platform allows 99 people to be on a call simultaneously
New features launch, including Zoom Home and Zoom for Chats. Throughout the year the platform is used to replace most kinds of real life events: work meetings, online classrooms, church services and social events.
Renamed Zoom for Healthcare, users can share secured video, audio, and content through desktops, mobile phones, and conference devices. As well as Epic, it can be integrated with Strmr, IntakeQ, and Practice Better.
It can also be used with diagnostic cameras and other point-of-care devices, including digital stethoscopes.
In an interview with Korea Biomedical Review, Zoom Global Healthcare Lead Ron Emerson said: "Our service is not simply a virtual care and telemedicine platform but a multi-purpose platform that can satisfy the needs of healthcare institutions."
"It can be used for administrative tasks, including telemedicine, medical team meetings, recruitment, medical education, employee training, and disease prevention. Analysing electronic records managed by Zoom could provide meaningful insights into patient care."
Phoenix Children's Hospital, Belfast's Hospital Services Limited, Butler Health Services and the global Project ECHO are among Zoom for Healthcare's current customers.