Financial intelligence for Asia's healthcare markets
 
 
Remember me:

Analysis: How to safeguard your patient’s privacy

Sara Jost, global healthcare industry lead at BlackBerry, explains that putting the systems and procedures in place to deliver a healthy and secure digital healthcare system will protect patient health information and support medical innovation.

In a region as diverse and populous as Asia Pacific, digital healthcare transformation is top of the agenda. With considerably different economic environments, particularly when it comes to technology adoption and regulatory frameworks, there is a variety of different priorities when it comes to providing healthcare services in different countries.  However, the fundamental goal that all nations have in common is to advance digital healthcare to improve the lives of citizens. 

For example, markets such as Singapore, South Korea and Hong Kong, all with aging populations in the millions and rising costs of living, would benefit significantly from digital health initiatives that help to reduce reliance on hospitals. At the same time, in fast-growing markets like India, Malaysia and the Philippines, the digitisation of patient records and information that enables telemedicine services will help to accelerate how to provide better care in less accessible rural areas.

Health organisations in Singapore and around the world are aggressively working digitally to transform the way they operate. Ultimately, this will alter the way healthcare practitioners conduct medical research, treat patients and deliver enhanced and more affordable health services for citizens.

This is a massive undertaking with many variables to consider and security needs to be front and centre in the design process, not an afterthought. As well as keeping patient data safe, healthcare institutions need to manage and secure every digital and physical thing that touches their networks. What do you need to think about?

First, medical records are tempting targets for cybercriminals. Your personal data is invaluable to you – but also to millions of other people. It is reported that personal health information offers 10 times the pay-out on the black market compared to stolen credit card numbers. Last year, two of Indonesia’s major hospitals, Dharmais Hospital and Harapan Kita Hospital, fell prey to a cyber-attack. Patient medical records and billing systems were held ransom by attackers who expected to be paid to free the data. Not only do these disruptions affect healthcare operations, they can threaten lives. Unfortunately, this is not an issue that will go away, but by working together through system and regulatory design, governments and the healthcare industry can better address the challenges of keeping patient data, private.

Second, manipulation of data can have a life or death effect. A few years ago in New York, Blackberry demonstrated how easily IoT-enabled medical devices can be hacked. Working with a white hat hacker, BlackBerry showed how it is possible to hack on a morphine-delivering hospital pump. They were able to control the pump remotely from the hypothetical healthcare system network, install malware and take over the pump – delivering lethal unsafe doses of morphine to an unsuspecting patient.

Third, your staff doesn’t know what to do. The reality is that investing in information security, along with training and staff procedures – is just as important as investing in that latest life-saving drug or medical device. In a survey carried out by global consulting firm PwC showed that only 31% of healthcare payers and providers invest in equipping their staff with industry security practices for the Internet of Things. Most data breaches start internally and hackers often look to exploit the weakest link. 

As the severity of cyber threats continues to escalate worldwide, it is imperative for the healthcare industry to take a proactive stance in safeguarding data transmissions between networked devices. This includes putting solutions in place to secure and manage volumes of data while complying with existing regulations. This is particularly challenging when IT departments are under pressure, balancing legacy systems along with increasingly mobile workforces and new connected devices.

BlackBerry defines this network of intelligent connections as the Enterprise of Things (EoT): that is the devices, computers, sensors, trackers, equipment and other things that are changing the way that companies operate; the products they make and how they serve customers.

For the heath sector, it is the way services are delivered, patients are treated and ultimately, how lives are saved. The question is, how can healthcare institutions do this effectively?

Hack your systems

Many organisations devote all their time to sourcing and building the best security technologies and are misguided that their systems are foolproof. Until they recruit professional ethical hackers and involve their employees in a simulated real world cyberattack, they will not truly know how robust their IT systems are. These simulated attacks could include sending out phishing emails and employ social engineering techniques to test staff, then take action. They should find out where their vulnerabilities are, and develop a countermeasure to rectify it, including necessary training.

Employ a defense in-depth approach to security

While some healthcare providers understand the need to keep their physical and digital assets secure, they realise that they lack the expertise to do so. They do not know how to put in place access management policies and establish cybersecurity audit processes. There is a need for these healthcare institutions to partner with a cybersecurity solutions provider that will deep dive into their company’s systems to ensure that information at every layer (network, device and software) is secure.

Train your workforce

Ask any cybersecurity expert and they will tell you that your employees are the weakest link. They could be exploited by malicious attackers through a myriad of methods, for example through a phishing email or social engineering techniques. It is crucial to keep your staff abreast of the latest cybersecurity best practices and your company’s latest cybersecurity protocols. Conduct regular training sessions, both when staff are on boarded and then ongoing. You can also consider appointing a cybersecurity ambassador to ensure that these policies are followed. All these steps create a culture of culture of cybersecurity awareness and accountability that can effectively minimize risk of data breaches.

Regularly test your systems

Healthcare leaders are sometimes too engrossed with the process of fortifying their security strategy that they forget to consider how they can minimise the negative impact should an incident occur. While prevention is key, preparation remains vital. They should test their systems along with crisis communications notifications to manage cybersecurity threats or major incidents that compromise people’s safety. Crisis simulations involving employees remain one of the best ways to ensure that the health institution is well-prepared.

Healthcare institutions closer to home can learn from examples like Melanoma Institute Australia, which is taking a proactive approach towards data protection and cybersecurity.  It is trialling BlackBerry Workspaces to share medical research securely for a disease that causes 75% of skin cancer deaths in Australia.

In fact, BlackBerry is working with healthcare customers all over the world in different ways to safeguard data and enable secure collaboration using our software. We are also delivering cybersecurity services to train hospital staff and test medical systems, along with crisis communications notifications to manage cybersecurity events or major incidents that threaten people safety. 

Gartner predicts that a quarter of enterprise security attacks will be caused by connected things by 2020. The reality is, the Enterprise of Things is here and the healthcare sector is both the most at risk – and the most underprepared.

Putting the systems and procedures in place to deliver a healthy and secure digital healthcare system will protect patient health information and support medical innovation by removing barriers to collaboration. Ultimately, this will only build more trust in the healthcare systems across Asia Pacific and lead to more positive outcomes for all healthcare professionals and patients alike.

Posted on: 24/05/2018 UTC+08:00


News

SGX-listed OUE Lippo Healthcare intends to acquire 10.63% of First REIT’s total issued units. It also plans to acquire a 40% stake in Bowsprit Capital, the manager of First REIT. The proposed acquisitions’ total consideration will amount to approximately S$142 million (US$103.4 million).
The Australian Federal Government has announcement that it will establish a Royal Commission which will focus on the quality of care provided to older Australians. The announcement comes a couple of days after a two-part television report on abuse in the industry.
Chow Tai Fook Jewellery Group is collaborating with BookDoc, the largest integrated healthcare app in southeast Asia by healthcare network in giving more rewards to BookDoc users for maintaining an active healthy lifestyle.
Q&M Dental Group, which operates the largest network of private dental outlets in Singapore, is looking to delist its subsidiary Aidite from the National Equities Exchange and Quotations of the People’s Republic of China, also known as the New Third Board.
After a dispute going back 11 years, medical centre operator Primary Health Care (PRY) will now have to give its employees an up-to 20% pay increase after a Fair Work Commission awarded the workers at its Victoria pathology division workers higher allowances and back pay.
AUO Care, a subsidiary of electronics manufacturer AU Optronics, has formed a partnership with Suang-Lien Elderly Center in northern Taiwan to deliver real-time IoT-based smart healthcare solutions to elderly citizens.
Retirement village operator Summerset Group Holdings has priced its upsized seven year, fixed rate bonds at 4.2%. The margin for the bonds has been set at 1.65%.
Accuron MedTech, the largest medical device company in southeast Asia, has opened its new Technology Centre in Singapore.



Analysis

After listing on the Hong Kong Stock Exchange at the beginning of May, Ping An Healthcare and Technology, formerly known as Good Doctor, shows no sign of slowing down.
Amy Khor, senior minister of state, ministry of health in Singapore, looks at the challenges of how to deliver healthcare in the future.
First you must find a clinic space from which to practice. The good news is that space is available at most hospitals. The bad news is that a 1,200 square-foot clinic space at Mount Elizabeth Hospital currently retails for around S$10 million, or US$7.34 million to secure a space less than half the size of a tennis court. By the time you add fittings, equipment and staff, your relationship with your bank manager will likely be under severe strain.
China’s hospital landscape is rapidly changing as operators and owners respond to shifting policy incentives, an aging population, the opportunity to serve Tier 2 and 3 cities, and shifts in consumer preferences.
Today, more and more people are suffering from serious, incurable, and/or rare illnesses. However, access to information on such conditions has been quite limited, to hospitals or internet surfing. Even though there were communities and organizations serving people with certain illnesses, information was not widely available, due to the general nature of the illnesses.
CR Phoenix Healthcare, China’s largest private hospital group, recently announced plans to restructure Beijing Jingmei Group General Hospital, a flagship hospital managed by CR Phoenix under its investment-operation-transfer (IOT) model.
Severe abuses continue in China's organ transplant system – including the sourcing of organs from prisoners of conscience on a large scale – despite Chinese government assertions of reform, finds a new study by the China Organ Harvest Research Center.
Asia Pacific's transition from a volume- to value-based care model has been highly challenging due to the need for large-scale regulatory changes and lack of a funding. Rising healthcare consumerism, digital health adoption, and the growing influence of medical tourism are setting a foundation for population health management, one form of value-based care that shifts the industry focus from episodic, individualised healthcare approaches to collective action against the cost and burden of disease in a society.
my images

Podcasts

HealthInvestor Asia twitter feed