Healthcare Information Security

Cybersecurity News

Shifting the Corporate Focus to Healthcare Data Security

Healthcare data security is no longer just an IT issue, and needs to be a key focus area of the corporate world.

The corporate world must ensure healthcare data security is current and comprehensive.

Source: Thinkstock

By Bill Kleyman

- Healthcare environments continue to change and evolve within today’s digital environment. In fact, many healthcare shops are working extra hard to align with a new, “digitally native” user. We’re seeing things like digital services, connected devices, smart user portals, and entire new healthcare segments begin to emerge. All of this fueled by advancements in technology and demands from our end-users.

Still, the deployment of core healthcare systems still revolves around a lot of traditional thinking. Here’s a server, there’s a switch, and this is your storage. Now, let’s deploy an app or two.

To truly become a part of the digital healthcare landscape, we have to broaden our collective minds and really understand how we define healthcare and security.

I absolutely predict that next-generation healthcare services will be defined as such:

  • The direct integration of technology, security, and healthcare services designed to positively impact the lives of the users.

Remember, security isn’t just about losing data or protecting a machine. Rather, the conversation must revolve around users, their experience, and how various services are developed around security.

READ MORE: Healthcare Data Breach Costs Highest for 7th Straight Year

A recent Gartner report indicated that by 2020, at least one major safety incident will be caused by an IT security failure, leading to significant injury.

A temporary loss of power from a failed power grid is inconvenient, a loss of control by an automated medical device administering a drug could be dangerous. It is easy to imagine a scenario that an IT failure could have a physical safety outcome. The increasing complexities of connections means things and infrastructure with different levels of security are now interacting. It will be difficult to predict the risk that will arise.

To understand next-generation security, healthcare leaders must work with good partners and technologies to get a better vision on the entire architecture. And, how that architecture combines the healthcare environment, the users, and its services.

But, before we can even get to that point, we need to shift the paradigms of healthcare leaders to see the big picture, and begin to have this more inclusive conversation. To get that chat started, consider this:

Your healthcare users are already a part of the digital economy

I know I certainly am. I love being able to leverage a nice, and easy-to-use, patient portal. I can check on my appointments, schedule visits, chat with my medical team, and do a lot more. And, you know what? I’d probably switch away from a healthcare provider that didn’t have something like this. As part of a millennial generation, I love leveraging technology to make life easier. However, if you’re simply letting the digital evolution pass you by, you will lose out on many emerging markets and disenfranchise a lot of young potential patients. Your digital transformation will also revolve around security transformation. To become a part of this digital economy, your security practices must evolve to support new users, new healthcare services, and new markets. All of this will increase your healthcare footprint and allow you to compete in today’s digital economy. 

Your competition is absolutely looking at new ways to enhance security and healthcare service delivery

READ MORE: How Cybersecurity Affects the Evolving Healthcare CISO Role

You better believe they are! Organizations are investing in everything from tele-medicine to advanced patient portals. And, they’re also having direct conversations around wrapping security into all of these initiatives. Where are you on this journey? Are you still stuck on legacy systems providing ‘good enough’ healthcare services? Getting in front of your competition is not hard. Good partners can help evolve an analog IT environment into a new digital framework and wrap security around it as well.

A good security architecture can drastically reduce risk around new technologies like cloud

Gartner recently pointed out that “adding telemetry to cloud workloads will be important to manage security failures. Even if the vendor is safe, telemetry and documented testing will allow security teams to show the business proof the cloud is working and is safe.” You can’t manage a digital environment into which you have little-to-no visibility. Wrapping security, monitoring, and end-user best practices will reduce your overall threat footprint and allow you to respond to changes quickly. A good security architecture will tie various systems together while still allowing you to be agile. Most of all, this helps create better visibility into end-user performance and interaction. These are all critical points to make better and more informed business decisions.

Testing next-generation security platforms is easier than ever and can have a big impact on your healthcare business

You don’t have to take unnecessary risks when deploying new systems or security environments. In fact, you can do some very thorough testing and even establish your ROI. The competition around security technologies will actually play into corporate healthcare benefits. Partners and vendors are a lot more eager to prove their technologies and help you with a proof-of-concepts. Take your time to understand core security features around things like cloud, virtualization, big data, storage, encryption, and more.  Furthermore, you should absolutely test these systems in real-world test environments within your organization as well. It’s much easier to examine these types of architectures around your specific environment. This helps you build a clear use-case, understand the fit for the technology, and how to evolve for future requirements. 

A report from Juniper stated that the average cost of a data breach in 2020 will exceed $150 million by 2020, as more business infrastructure gets connected. However, it’s pretty clear that healthcare data is a lot more valuable.

A recent data breach report from Ponemon showed that the average global cost of data breach per lost or stolen record was $158. However, healthcare organizations had an average cost of $355 and in education the average cost was $246. Transportation ($129), research ($112) and public sector ($80) had the lowest average cost per lost or stolen record. Furthermore, breaches in the healthcare industry total $6.2 billion annually, with the average cost of a single data breach across all industries now $4 million.

READ MORE: Prioritizing Data Privacy, Security in the Healthcare C-Suite

As a leader in the healthcare world, you don’t want to be in this boat. And, the only way to really navigate the waters of healthcare data security is to start having real-world conversations, working with good partners, and involving your entire organization in the process.

Remember, security is SO much more than just a server, an app, or a piece of data. It’s about experience, building confidence, and using new systems to deliver powerful healthcare services.

If you design around security properly, you will see a significant reduction in security challenges.

A good final point to end on would be Gartner’s findings around cloud and security. By 2018, the 60 percent of enterprises that implement appropriate cloud visibility and control tools will experience one-third fewer security failures.

Start approaching security from a digitally-native perspective, and positively impact your entire healthcare organization. 


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks