A Security Prescription for Healthcare IT in 2022By Sascha Giese
Just two years into the COVID-19 pandemic, the healthcare industry across the Asia Pacific region has made leaps and bounds in terms of digital transformation while simultaneously battling with waves of COVID-19 infections, mass testing, and vaccinating the public.
Recognizing the necessity of new approaches to supporting their patients in these unprecedented times, the industry uses technologies such as artificial intelligence (AI) and the cloud to offer new digital solutions such as telehealth consultations. However, this has added to the healthcare IT teams never-ending stream of challenges, who are already battling greater data workloads, aging infrastructure, and burgeoning security issues.
According to a report commissioned by cybersecurity company Censinet, surveyed healthcare providers reported a rise in attacks consistent with the COVID-19 pandemic. Even more devastating, a quarter of healthcare organizations shared ransomware attacks in the last two years have contributed to the death of patients in their care.
How healthcare IT professionals manage and mitigate these emerging technical challenges will determine not only the hospital’s preparedness to adapt but also their ability to save lives. Here are several key areas healthcare IT professionals should consider to help ensure operations remain efficient, effective, and secure.
Taking Precautionary Measures
Healthcare providers in Asia Pacific are no strangers to cybersecurity issues. In mid-2018 SingHealth, Singapore’s largest group of healthcare institutions suffered the country’s worst cyberattack with hackers stealing personal information of 1.5 million patients, including Prime Minister Lee Hsien Loong’s data. And in 2017, global crypto ransomware software WannaCry locked up entire IT systems of hospitals and schools across Asia, emphasizing the need for IT professionals to constantly remain vigilant.
Cybercriminals not only hold data and private details ransom; they hold the lives of the patients in their (virtual) hands. As hospitals already struggle with an influx of patients and overflowing emergency due to the COVID-19 pandemic, any downtime or compromise of their digital infrastructure could negatively impact their patients and the quality of care. Consequently, having a solid backup and recovery procedure in place will ensure high availability for critical areas such as the ICU or operating theatre, which in turn saves lives.
Hospital IT teams should regularly and consistently back up critical information; by being able to restore mission-critical data from recent save points, hospitals wouldn’t have to give in to ransomware demands to retrieve encrypted patient data. This not only helps ensure compliance but allows the already-limited funding and resources to be channeled towards fighting the pandemic.
Database Management: The Ultimate IT Health Insurance
Hospitals are not only stretched on manpower—their IT systems are stretched as well. Every new patient visit means storing an ever-increasing list of data, such as vaccine information and past travel records. For example, hospitals in Singapore have synced their databases with citizens’ digital ID Singpass to facilitate and expedite nationwide vaccination efforts. Consequently, it is crucial for personal information to be stored on a central database securely while also remaining accessible.
On top of climbing data workloads, there is the issue of compliance. IT teams need to protect sensitive patient data and ensure compliance with data protection laws such as Singapore’s Personal Data Protection Act (PDPA). While most healthcare IT systems already have access control procedures in place, the unpredictability of the pandemic means more doctors, patients, and governmental organizations could need immediate access to this data for testing or diagnosis.
Solutions like data discovery and classification are helpful, but to improve accessibility while ensuring data remains secure, hospital IT teams should consider employing a database management tool. Through this solution, an additional layer of governance is introduced while also monitoring anomalies and maintaining detailed access logs.
Consolidation Is the Antidote
Hospital IT infrastructures are digital labyrinths, made up of multiple systems, software, and applications running simultaneously in the background. As the healthcare industry adapts to the pandemic and increasingly adopts data-driven technologies such as the Internet of Things (IoT) and artificial intelligence (AI), IT teams are facing an insurmountable task of continuously managing, monitoring, and updating.
At first glance, the obvious solution would be to consolidate the entire IT infrastructure, but this comes with its own set of risks and challenges. Any change by removing or consolidating a solution might break integrations or cause dependencies to stop working, resulting in operation disruption and more risks, inconveniences, and delays. In addition, medical staff might consider certain software or platforms as essential for them to perform their jobs, and the IT team would need to dedicate time to train them in using the new platform.
To tackle these issues with precision and efficiency, deeper insight into the network is necessary to pinpoint issues and tackle them at the root. An effective network performance monitor will provide this valuable utilization data, providing IT professionals with a birds-eye view of all the systems and solutions critical to ongoing operations. Armed with this information, they can more accurately map out the entire IT infrastructure and identify which areas can be optimized and consolidated, and which should be left untouched.
Immunizing Healthcare IT for Future Challenges
As Asia’s healthcare sector continues to grow and change in response to the COVID-19 pandemic, IT teams should prepare for integrating more data, systems, and platforms into existing infrastructure. Given the growing proliferation and sophistication of cybersecurity attacks, they also need to ensure seamless integration while mitigating security risks. To remain ahead, IT teams must waste no time and proactively work on consolidating their infrastructure, establishing backup processes, and protecting their databases. Only with a functioning IT system in place can healthcare workers effectively carry out their duties and save lives, making the IT department a key pillar in the future of the healthcare industry.