Financial intelligence for Asia's healthcare markets
 
 
Remember me:

Analysis: How to safeguard your patient’s privacy

Sara Jost, global healthcare industry lead at BlackBerry, explains that putting the systems and procedures in place to deliver a healthy and secure digital healthcare system will protect patient health information and support medical innovation.

In a region as diverse and populous as Asia Pacific, digital healthcare transformation is top of the agenda. With considerably different economic environments, particularly when it comes to technology adoption and regulatory frameworks, there is a variety of different priorities when it comes to providing healthcare services in different countries.  However, the fundamental goal that all nations have in common is to advance digital healthcare to improve the lives of citizens. 

For example, markets such as Singapore, South Korea and Hong Kong, all with aging populations in the millions and rising costs of living, would benefit significantly from digital health initiatives that help to reduce reliance on hospitals. At the same time, in fast-growing markets like India, Malaysia and the Philippines, the digitisation of patient records and information that enables telemedicine services will help to accelerate how to provide better care in less accessible rural areas.

Health organisations in Singapore and around the world are aggressively working digitally to transform the way they operate. Ultimately, this will alter the way healthcare practitioners conduct medical research, treat patients and deliver enhanced and more affordable health services for citizens.

This is a massive undertaking with many variables to consider and security needs to be front and centre in the design process, not an afterthought. As well as keeping patient data safe, healthcare institutions need to manage and secure every digital and physical thing that touches their networks. What do you need to think about?

First, medical records are tempting targets for cybercriminals. Your personal data is invaluable to you – but also to millions of other people. It is reported that personal health information offers 10 times the pay-out on the black market compared to stolen credit card numbers. Last year, two of Indonesia’s major hospitals, Dharmais Hospital and Harapan Kita Hospital, fell prey to a cyber-attack. Patient medical records and billing systems were held ransom by attackers who expected to be paid to free the data. Not only do these disruptions affect healthcare operations, they can threaten lives. Unfortunately, this is not an issue that will go away, but by working together through system and regulatory design, governments and the healthcare industry can better address the challenges of keeping patient data, private.

Second, manipulation of data can have a life or death effect. A few years ago in New York, Blackberry demonstrated how easily IoT-enabled medical devices can be hacked. Working with a white hat hacker, BlackBerry showed how it is possible to hack on a morphine-delivering hospital pump. They were able to control the pump remotely from the hypothetical healthcare system network, install malware and take over the pump – delivering lethal unsafe doses of morphine to an unsuspecting patient.

Third, your staff doesn’t know what to do. The reality is that investing in information security, along with training and staff procedures – is just as important as investing in that latest life-saving drug or medical device. In a survey carried out by global consulting firm PwC showed that only 31% of healthcare payers and providers invest in equipping their staff with industry security practices for the Internet of Things. Most data breaches start internally and hackers often look to exploit the weakest link. 

As the severity of cyber threats continues to escalate worldwide, it is imperative for the healthcare industry to take a proactive stance in safeguarding data transmissions between networked devices. This includes putting solutions in place to secure and manage volumes of data while complying with existing regulations. This is particularly challenging when IT departments are under pressure, balancing legacy systems along with increasingly mobile workforces and new connected devices.

BlackBerry defines this network of intelligent connections as the Enterprise of Things (EoT): that is the devices, computers, sensors, trackers, equipment and other things that are changing the way that companies operate; the products they make and how they serve customers.

For the heath sector, it is the way services are delivered, patients are treated and ultimately, how lives are saved. The question is, how can healthcare institutions do this effectively?

Hack your systems

Many organisations devote all their time to sourcing and building the best security technologies and are misguided that their systems are foolproof. Until they recruit professional ethical hackers and involve their employees in a simulated real world cyberattack, they will not truly know how robust their IT systems are. These simulated attacks could include sending out phishing emails and employ social engineering techniques to test staff, then take action. They should find out where their vulnerabilities are, and develop a countermeasure to rectify it, including necessary training.

Employ a defense in-depth approach to security

While some healthcare providers understand the need to keep their physical and digital assets secure, they realise that they lack the expertise to do so. They do not know how to put in place access management policies and establish cybersecurity audit processes. There is a need for these healthcare institutions to partner with a cybersecurity solutions provider that will deep dive into their company’s systems to ensure that information at every layer (network, device and software) is secure.

Train your workforce

Ask any cybersecurity expert and they will tell you that your employees are the weakest link. They could be exploited by malicious attackers through a myriad of methods, for example through a phishing email or social engineering techniques. It is crucial to keep your staff abreast of the latest cybersecurity best practices and your company’s latest cybersecurity protocols. Conduct regular training sessions, both when staff are on boarded and then ongoing. You can also consider appointing a cybersecurity ambassador to ensure that these policies are followed. All these steps create a culture of culture of cybersecurity awareness and accountability that can effectively minimize risk of data breaches.

Regularly test your systems

Healthcare leaders are sometimes too engrossed with the process of fortifying their security strategy that they forget to consider how they can minimise the negative impact should an incident occur. While prevention is key, preparation remains vital. They should test their systems along with crisis communications notifications to manage cybersecurity threats or major incidents that compromise people’s safety. Crisis simulations involving employees remain one of the best ways to ensure that the health institution is well-prepared.

Healthcare institutions closer to home can learn from examples like Melanoma Institute Australia, which is taking a proactive approach towards data protection and cybersecurity.  It is trialling BlackBerry Workspaces to share medical research securely for a disease that causes 75% of skin cancer deaths in Australia.

In fact, BlackBerry is working with healthcare customers all over the world in different ways to safeguard data and enable secure collaboration using our software. We are also delivering cybersecurity services to train hospital staff and test medical systems, along with crisis communications notifications to manage cybersecurity events or major incidents that threaten people safety. 

Gartner predicts that a quarter of enterprise security attacks will be caused by connected things by 2020. The reality is, the Enterprise of Things is here and the healthcare sector is both the most at risk – and the most underprepared.

Putting the systems and procedures in place to deliver a healthy and secure digital healthcare system will protect patient health information and support medical innovation by removing barriers to collaboration. Ultimately, this will only build more trust in the healthcare systems across Asia Pacific and lead to more positive outcomes for all healthcare professionals and patients alike.

Posted on: 24/05/2018 UTC+08:00


News

Metro Pacific Hospital Holdings, the healthcare unit of industrial conglomerate Metro Pacific Investments, is finally expected to push the button on its Philippine Stock Exchange IPO next year.
MedAdvisor will form a 50:50 joint venture based in Singapore with Zuellig Pharma to commercialise MedAdvisor’s medication management platform in Asia.
Thermo Fisher Scientific, the world leader in serving science, today opened its first Bioprocess Design Centre in Shanghai, China. The new centre is part of a strategy to establish a centre of excellence where Thermo Fisher scientists can connect and collaborate with biologic developers to design optimal bioprocessing solutions.
Mitsui & Co will acquire an additional 16% of the shares of one of Asia’s largest private hospital groups, IHH Healthcare, from Malaysia’s Khazanah Nasional.
Mach7 Technologies, a company specialising in innovative data management solutions for healthcare providers, has raised A$3 million (US$2.2 million) via a private placement.
Pacific Edge is to raise NZ$12 million (US$8.2 million) in a share placement and via a share purchase plan.
We Doctor Holdings, China's leading technology-enabled medical and healthcare solutions platform, joined hands today in Guangzhou with the Guangdong Women and Children's Hospital and Health Institute to launch China's first provincial-level internet hospital for women and children.
Singapore-based medtech startup Ark has raised US$40 million in Series A funding round led by Venturecraft shareholders and joined by Gaorong Capital – formerly known as Banyan Capital. It is one of the largest Series A rounds closed by a southeast Asian firm.



Analysis

French-based international ophthalmic optics company Essilor has signed Letters of Intent with the Royal Government of Bhutan and the Central Monastic Body to strengthen the country’s vision care infrastructure.
April Chang, country manager at Cigna Singapore, argues that wellness programmes at work can lead to reduced absenteeism, higher productivity and increased morale among employees.
Steven Fang understands how to set up a healthcare company. Not only is he chief executive and founder of ASX-listed oncology company Invitrocue, he was also the founder of Singapore-based Cordlife Group, a healthcare company which provides cord blood and cord lining banking services.
Imagine a world in which you can consult with your doctor via video. She asks for a blood sample, which can be collected and analysed from a device in your home. After that is diagnosed, the prescription is automatically sent to the pharmacy and Uber then picks it up. The time from diagnosis to drugs at your home is only 60 minutes.
The digitisation of health data through blockchain technology is a groundbreaking solution that will empower patients and provide them with better access to healthcare.
For too many companies, a stock market flotation is the be all and end all. Chief executives have spent months on roadshows, locked up with bankers and lawyers. Understandably they think that they can now rest on their laurels.
Today is the launch of Asia Pacific’s first Life Sciences Centre of Excellence. It is part of global management consulting firm LEK Consulting’s Healthcare Insights Centre and aims to drive thought leadership and innovation to elevate the life sciences ecosystem in Singapore and the region.
Dementia remains one of the biggest chronic medical issues to face families. A determination to treat the illness is a challenge that Charles Stacey, president and CEO of Singapore-based Cerecin, has grasped with both hands.
my images

Podcasts

HealthInvestor Asia twitter feed