Financial intelligence for Asia's healthcare markets
 
 
Remember me:

Analysis: How to safeguard your patient’s privacy

Sara Jost, global healthcare industry lead at BlackBerry, explains that putting the systems and procedures in place to deliver a healthy and secure digital healthcare system will protect patient health information and support medical innovation.

In a region as diverse and populous as Asia Pacific, digital healthcare transformation is top of the agenda. With considerably different economic environments, particularly when it comes to technology adoption and regulatory frameworks, there is a variety of different priorities when it comes to providing healthcare services in different countries.  However, the fundamental goal that all nations have in common is to advance digital healthcare to improve the lives of citizens. 

For example, markets such as Singapore, South Korea and Hong Kong, all with aging populations in the millions and rising costs of living, would benefit significantly from digital health initiatives that help to reduce reliance on hospitals. At the same time, in fast-growing markets like India, Malaysia and the Philippines, the digitisation of patient records and information that enables telemedicine services will help to accelerate how to provide better care in less accessible rural areas.

Health organisations in Singapore and around the world are aggressively working digitally to transform the way they operate. Ultimately, this will alter the way healthcare practitioners conduct medical research, treat patients and deliver enhanced and more affordable health services for citizens.

This is a massive undertaking with many variables to consider and security needs to be front and centre in the design process, not an afterthought. As well as keeping patient data safe, healthcare institutions need to manage and secure every digital and physical thing that touches their networks. What do you need to think about?

First, medical records are tempting targets for cybercriminals. Your personal data is invaluable to you – but also to millions of other people. It is reported that personal health information offers 10 times the pay-out on the black market compared to stolen credit card numbers. Last year, two of Indonesia’s major hospitals, Dharmais Hospital and Harapan Kita Hospital, fell prey to a cyber-attack. Patient medical records and billing systems were held ransom by attackers who expected to be paid to free the data. Not only do these disruptions affect healthcare operations, they can threaten lives. Unfortunately, this is not an issue that will go away, but by working together through system and regulatory design, governments and the healthcare industry can better address the challenges of keeping patient data, private.

Second, manipulation of data can have a life or death effect. A few years ago in New York, Blackberry demonstrated how easily IoT-enabled medical devices can be hacked. Working with a white hat hacker, BlackBerry showed how it is possible to hack on a morphine-delivering hospital pump. They were able to control the pump remotely from the hypothetical healthcare system network, install malware and take over the pump – delivering lethal unsafe doses of morphine to an unsuspecting patient.

Third, your staff doesn’t know what to do. The reality is that investing in information security, along with training and staff procedures – is just as important as investing in that latest life-saving drug or medical device. In a survey carried out by global consulting firm PwC showed that only 31% of healthcare payers and providers invest in equipping their staff with industry security practices for the Internet of Things. Most data breaches start internally and hackers often look to exploit the weakest link. 

As the severity of cyber threats continues to escalate worldwide, it is imperative for the healthcare industry to take a proactive stance in safeguarding data transmissions between networked devices. This includes putting solutions in place to secure and manage volumes of data while complying with existing regulations. This is particularly challenging when IT departments are under pressure, balancing legacy systems along with increasingly mobile workforces and new connected devices.

BlackBerry defines this network of intelligent connections as the Enterprise of Things (EoT): that is the devices, computers, sensors, trackers, equipment and other things that are changing the way that companies operate; the products they make and how they serve customers.

For the heath sector, it is the way services are delivered, patients are treated and ultimately, how lives are saved. The question is, how can healthcare institutions do this effectively?

Hack your systems

Many organisations devote all their time to sourcing and building the best security technologies and are misguided that their systems are foolproof. Until they recruit professional ethical hackers and involve their employees in a simulated real world cyberattack, they will not truly know how robust their IT systems are. These simulated attacks could include sending out phishing emails and employ social engineering techniques to test staff, then take action. They should find out where their vulnerabilities are, and develop a countermeasure to rectify it, including necessary training.

Employ a defense in-depth approach to security

While some healthcare providers understand the need to keep their physical and digital assets secure, they realise that they lack the expertise to do so. They do not know how to put in place access management policies and establish cybersecurity audit processes. There is a need for these healthcare institutions to partner with a cybersecurity solutions provider that will deep dive into their company’s systems to ensure that information at every layer (network, device and software) is secure.

Train your workforce

Ask any cybersecurity expert and they will tell you that your employees are the weakest link. They could be exploited by malicious attackers through a myriad of methods, for example through a phishing email or social engineering techniques. It is crucial to keep your staff abreast of the latest cybersecurity best practices and your company’s latest cybersecurity protocols. Conduct regular training sessions, both when staff are on boarded and then ongoing. You can also consider appointing a cybersecurity ambassador to ensure that these policies are followed. All these steps create a culture of culture of cybersecurity awareness and accountability that can effectively minimize risk of data breaches.

Regularly test your systems

Healthcare leaders are sometimes too engrossed with the process of fortifying their security strategy that they forget to consider how they can minimise the negative impact should an incident occur. While prevention is key, preparation remains vital. They should test their systems along with crisis communications notifications to manage cybersecurity threats or major incidents that compromise people’s safety. Crisis simulations involving employees remain one of the best ways to ensure that the health institution is well-prepared.

Healthcare institutions closer to home can learn from examples like Melanoma Institute Australia, which is taking a proactive approach towards data protection and cybersecurity.  It is trialling BlackBerry Workspaces to share medical research securely for a disease that causes 75% of skin cancer deaths in Australia.

In fact, BlackBerry is working with healthcare customers all over the world in different ways to safeguard data and enable secure collaboration using our software. We are also delivering cybersecurity services to train hospital staff and test medical systems, along with crisis communications notifications to manage cybersecurity events or major incidents that threaten people safety. 

Gartner predicts that a quarter of enterprise security attacks will be caused by connected things by 2020. The reality is, the Enterprise of Things is here and the healthcare sector is both the most at risk – and the most underprepared.

Putting the systems and procedures in place to deliver a healthy and secure digital healthcare system will protect patient health information and support medical innovation by removing barriers to collaboration. Ultimately, this will only build more trust in the healthcare systems across Asia Pacific and lead to more positive outcomes for all healthcare professionals and patients alike.

Posted on: 24/05/2018 UTC+08:00


News

SGX-listed Acromec, which designs and builds medical and sterile cleanrooms, has secured another contract in the healthcare sector valued at S$2.9 million (US$2.1 million). It is expected to be completed by the end of the year.
Sydney-based 1st Group, the Australian digital health, media and technology group, has appointed Richard Rogers as chief financial officer. He joins from Lenovo Australia & New Zealand.
Asia-focused market expansion services provider DKSH is to sell its healthcare business in China to Warburg Pincus for SFr100 million (US$100.7 million).
Summerset Group, New Zealand’s third-largest listed retirement village operator, has said that it expects underlying half year profits to jump between 21% and 26% to NZ$43 million (US$29.4 million) and NZ$45 million.
Patient flow management firm Jayex Healthcare has signed a binding licence agreement with medical cannabis company MediCann NZ under which it will be granted the exclusive use and application of its technologies in New Zealand in connection with their proposed sale and distribution of medical cannabis products in line with the expected deregulation in New Zealand of medical cannabis.
IDS Medical Systems Group, a leading medical supply-chain solutions company in Asia, and Tencent-backed We Doctor have formed idsMED WeDoctor China, the country’s first smart medical supply chain solutions and procurement company.
Australian medtech company Resonance Health has signed an alliance partner agreement with Blackford Analysis which grants it rights to integrate and combine Resonance Health products with, or sell and license Resonance Health products in connection with the host application.
Malaysian medical services company Adventa has scrapped plans to raise M$80.2 million (US$20.3 million) after Top Glove Corporation, the world’s largest rubber glove manufacturer, announced legal proceedings against its parent Adventa Capital and two of its directors.



Analysis

Ping An Healthcare and Technology, formerly known as Good Doctor, has signed contracts with nearly 200 large corporations, including Vanke, Greentown, Bank of China, China Telecom, China National Nuclear Power, Evergrande Group and provides services to nearly 1.5 million employees, covering 27 provinces, autonomous regions and municipalities.
Earlier this week, Cigna Corporation released the results of its 2018 Cigna 360° Well-Being Survey – Future Assured. The findings, which were tracked over a four year period, show rising awareness of the need to prepare for old age, which includes being continually active and financially independent. As a result, people are working harder today, and increasingly calling on employers to help in managing workplace stress.
Auckland-based ehealth software company Orion Health is to sell off two significant parts of its business to private equity technology investor Hg for NZ$225 million (US$150.7 million). The sale could revitalise a company that has struggled recently.
Aon’s inaugural Asia Healthcare Trends Report 2017/18 shows that although Hong Kong has a lower medical inflation rate than the average in APAC, it is the highest in Greater China.
Out of date and unsecure fax machines are still being used to share patient information between healthcare providers in Australia. Not only do fax machines cause frustration for healthcare providers trying to communicate with each other, they can also cause patient harm.
Health and well-being programmes are fragmented and do not meet the needs of stressed Asia workforces, finds Willis Towers Watson. By and large, employers in Asia still miss the mark when it comes to their health and well-being benefits, with many employees feeling that their needs are not met, according to research from the global advisory, broking and solutions company.
According to a survey of biopharma companies by L.E.K. Consulting, the majority of firms from Western Europe or the US are interested in China, specifically those at Phase 2 or later development.
Sara Jost, global healthcare industry lead at BlackBerry, explains that putting the systems and procedures in place to deliver a healthy and secure digital healthcare system will protect patient health information and support medical innovation.
my images

Podcasts

HealthInvestor Asia twitter feed