Maintaining Health Data Security, Resilience With Autonomous Governance

July 13, 2022 - Autonomous governance can help healthcare organizations bolster data resilience, improve data security efforts, and increase efficiency.

Standard data governance practices dictate the processes and data standards that organizations use to manage the availability, security, and integrity of data within its systems. Autonomous governance takes these practices a step further and allows organizations to simplify and scale data governance practices by using cloud technology and artificial intelligence (AI) insights to automate the application and infrastructure lifecycle.

As digital complexity increases and cybersecurity concerns grow, an automated digital infrastructure will become necessary for streamlining workflows while maintaining security and compliance.

Current data governance challenges in healthcare

An uptick in healthcare data breaches, a global pandemic, the widespread shift to the cloud, a renewed focus on digital transformation driven by consumerization, and increased interoperability have put the healthcare sector in a unique position.

In fact, a recent IDC InfoBrief sponsored by Red Hat suggested that healthcare organizations are facing more pressure than ever before. More dependencies across legacy applications and data, continuous deployment, and increased workload portability are contributing to a rise in complexity across the sector.

The InfoBrief predicted that by 2023, 70 percent of healthcare organizations’ attempts to scale value-based care models will result in failure unless they invest in data-driven governance and organizational infrastructure. By 2024, 75 percent of enterprises will prioritize operational efficiency and infrastructure agility, resulting in a fivefold increase in the adoption of cloud-native architectures used for core business applications.

To meet the demands of regulators, consumers, and clinicians while maintaining data security and integrity, organizations must take an autonomous and unified approach to data governance.

The global pandemic served as a catalyst for widespread change in the health IT space, according to Marc Mangus, principal specialist solution architect of global health care at Red Hat.

At the onset of the pandemic, healthcare organizations were forced to increase their capabilities and capacity swiftly while juggling higher patient volumes and maintaining business continuity. Now, healthcare organizations are taking a step back to reassess their digital infrastructures and make improvements to ensure data resilience and security.

“The most progressive companies are the ones that are using this as an opportunity to rethink how they’ve always done things. They realize that the business-as-usual isn’t going to cut it going forward,” Mangus explained.

Security, compliance, and the rollout of applications and infrastructure are largely manual processes for many healthcare organizations currently. As complexity increases, manual approaches to security, provisioning, and patching are becoming less realistic.

Additionally, the ongoing cybersecurity workforce shortage means that many organizations lack the staff needed to keep up with infrastructure improvements.

As a result, healthcare organizations are increasingly seeing the benefits of a resilient, self-healing, autoscaling digital infrastructure.

Benefits for security, compliance, and data resilience

The Federal Bureau of Investigation’s (FBI) Internet Crime Complain Center (IC3) found that the healthcare sector faced the most ransomware attacks of any sector in 2021. The IC3 also observed a 7 percent increase in total internet crime complaints in 2021 compared to 2020.

According to IBM’s most recent data breach cost report, healthcare data breaches cost an average of $9.23 million per incident, signifying a $2 million increase over the previous year.

Considering the uptick in healthcare cyberattacks and the unpredictability of the cyber threat landscape, healthcare organizations must implement adaptive, automated, and scalable data governance technologies to maintain business continuity.

Autonomous governance allows organizations to automate security and compliance efforts and simplify IT infrastructures.  With these processes in place, healthcare organizations will be better equipped to handle unforeseen security and compliance events and can focus strictly on delivering quality care.

Autonomous governance can ease complexity by reducing human error, integrating workflows, and improving end-user agility. With automation, organizations can also maintain consistent security, adapt quickly to infrastructure changes, and save time and money.

In addition, autonomous governance can help organizations avoid significant business and security risks, such as ransomware that renders systems unusable, unsuccessful application deployments that require rollbacks, and lost revenue resulting from unexpected downtime.

Standardizing and automating data governance efforts allows for faster reaction time in the face of adverse events, streamlined workflows, and increased security in the cloud, at the edge, and within an organization’s datacenters.

Entirely manual processes are no longer viable for healthcare organizations with limited IT staff and an increased need for the continuous flow of data.

“Autonomous governance is not really an option anymore,” Mangus suggested. “It’s only a matter of how much you do it and how fast you get it done.”

Tips for implementing autonomous governance

Effectively implementing autonomous governance requires organizations first to reevaluate their existing processes. Rather than organizing the workforce around a specific task or function, Mangus suggested that organizations focus on value streams.

What is the downstream value of autonomous governance to your members if you are a payer or to your patients if you are a provider?

“Start with the high-value processes first,” Mangus advised. “Many companies implementing a change like this want to focus on something peripheral that they can get away with changing without making a lot of ripples. But this is a wholesale change to the way that they do business, so they need to do it carefully and intentionally in a way that they can easily demonstrate value to the rest of the organization.”

Starting out, organizations should analyze current operational challenges and opportunities for improvement. Next, organizations should collaborate across IT and other disciplines to set tangible goals.

Leveraging a vendor-neutral service for autonomous governance can help organizations avoid vendor lock-in, the brief noted. Finally, organizations should invest in observability, artificial intelligence, and programmable automation and link the results to business outcomes.

In addition to focusing on high-value processes, Mangus urged organizations to determine how they will realize the outcome of this type of project before beginning the implementation process.

“Many organizations will look at surface-level benefits like efficiency or cost reduction,” Mangus explained. “But those can become red herrings to chase if they are not looking at the project holistically.”

Mangus recommended that organizations present autonomous governance to the board as an experiment. Focus on improving key processes on a small scale within the business’ core functions, and then demonstrate that it actually works before going all-in.

“Get some excitement going in the organization and then build from there,” Mangus advised.

“You can’t go at this timidly. With chaos comes opportunity, and it is time to really look at massive changes because the status quo isn’t going to work anymore.”

_____________________________

About Red Hat

Red Hat's open approach to governance is helping healthcare customers to:

• React to security and compliance events in real-time
• Shift the business focus to consumerization
• Leverage a single, automated governance platform on premise and in the cloud.

Learn more at redhat.com/health