Please support Telehealth.org’s ability to deliver helpful news, opinions, and analyses by turning off your ad blocker. Three Advancements In Healthcare Cybersecurity
Healthcare cybersecurity for 2022 makes available technologies that are already familiar to many average consumers and those currently known only by advanced security professionals. This article outlines the different types of security most likely to be used in 2022. Three broad categories of such innovative technology include secure access service edge (SASE), eliminating passwords, and zero trust, according to recently published research conducted by Healthcare Information and Management Systems Society HIMSS.
- Secure access service edge, or SASE, is a cloud-based IT model that bundles software-defined networking with network security functions and delivers them from a single service provider. Having a single source minimizes the opportunity for hackers to intervene at digital data transfer points. SASE replaces Virtual Private Networks (VPNs) for remote work as it constitutes digital identity in various forms to strengthen cybersecurity. SASE uses security measures and SD-WAN [software-defined wide-area network] cloud.
- Password elimination is feasible using a number of techniques to strengthen cybersecurity when accessing networks. Fingerprints, SMS texted one-use codes, authenticator apps, and zero trust are alternatives to passwords that add extra layers of protection. Authenticator apps are two-factor authentication software produced by a number of companies, including Google, Microsoft, and other industry leaders.
- Zero trust is another means of strengthening healthcare’s cybersecurity to allow more computing outside their perimeter in the cloud, even if it has been previously paired to a network.
What Is Blockchain in Healthcare?
Two cybersecurity technologies to watch in 2022 include blockchain and homomorphic encryption. Blockchain is a digitized system of recording and tracking information changes in ways that make it difficult or impossible to change or hack. The principles underlying blockchain are simple, but applying these principles to securing data storage is revolutionary. When applied to healthcare, each block in the chain contains a specified number of transactions. Whenever a new transaction occurs on the blockchain, a record of that transaction is irrevocably added to the patient’s ledger.
Blockchains work through a cooperative network of stored information that originates from an individually trusted platform. This singular trusted platform can only be accessed by authorized medical personnel, strengthening security. Blockchain technology is less costly and more feasible than homomorphic encryption, allowing persons to integrate by utilizing something similar to plain text safely. In addition, blockchain will only allow authorized users to retrieve data that they have been permitted to access. A 2020 published article by Telehealth.org examined how blockchain technology is being used in behavioral health. See What Is a Blockchain EHR and How Can It Help in Substance Abuse Opioid Treatment?
Homomorphic encryption allows changes to be made to data without decrypting the original data. This process allows data to be encrypted and out-sourced to outside commercial cloud environments for processing while remaining encrypted in transit.
Will There Be More Threats To Healthcare Cybersecurity Going Forward?
Healthcare will always be subjected to ransomware attacks and data breaches. Companies with fewer employees have typically invested fewer funds to secure access to their data, making them more vulnerable and more likely to be targeted by hackers. Smaller companies accounted for 70% of cyberattacks in 2021.
Three factors regarding healthcare’s cybersecurity will help in 2022:
- Many governments across the globe now take ransomware matters more seriously and will pursue cybercriminals. The United States is a leader in this area. Ransomware is malware that infects a user’s computer and encrypts files. The hackers then demand a ransom for users to regain access to their data.
- Cooperation to address cybersecurity is happening internationally, so investing in training and responsiveness across systems and countries now is more productive than ever before. In the past, governmental efforts to address cybersecurity threats were more easily thwarted by hackers using offshore accounts and virtual private networks, which both help to shield the source of attacks.
- Regulations are at play to tackle all digital currencies, including bitcoin. However, these new measures may only result in more savvy and sophisticated cyber attackers. Companies should prepare by having organizations perform regular data backups and integrity checks. Getting cybersecurity training and installing a patch management system for employees will limit access to cyberattacks as well. Patch management is the practice of identifying, deploying, and verifying software updates for an organization’s network devices. Lastly, all smart medical equipment, including elevators and HVACs, should be safeguarded as cyberattackers look for new ways to infiltrate healthcare systems.
Estimates for Cybersecurity Expenditures in 2022
According to research conducted by HIMSS, 29% of the healthcare industry will be adapting to biometrics, with 28% conducting digital forensics and penetration tests (a simulated cyberattack against your computer system to check for exploitable vulnerabilities) in the next two years. Although this plan is set in motion, 43% claim a lack of funding holds organizations back from implementing healthcare cybersecurity, increasing this industry’s risk of cyberattacks.
Essential Telehealth Law & Ethical Issues
Bring your telehealth practice into legal compliance. Get up to date on inter-jurisdictional practice, privacy, HIPAA, referrals, risk management, duty to warn, the duty to report, termination, and much more!
