Financial intelligence for Asia's healthcare markets
 
 
Remember me:

Analysis: How to safeguard your patient’s privacy

Sara Jost, global healthcare industry lead at BlackBerry, explains that putting the systems and procedures in place to deliver a healthy and secure digital healthcare system will protect patient health information and support medical innovation.

In a region as diverse and populous as Asia Pacific, digital healthcare transformation is top of the agenda. With considerably different economic environments, particularly when it comes to technology adoption and regulatory frameworks, there is a variety of different priorities when it comes to providing healthcare services in different countries.  However, the fundamental goal that all nations have in common is to advance digital healthcare to improve the lives of citizens. 

For example, markets such as Singapore, South Korea and Hong Kong, all with aging populations in the millions and rising costs of living, would benefit significantly from digital health initiatives that help to reduce reliance on hospitals. At the same time, in fast-growing markets like India, Malaysia and the Philippines, the digitisation of patient records and information that enables telemedicine services will help to accelerate how to provide better care in less accessible rural areas.

Health organisations in Singapore and around the world are aggressively working digitally to transform the way they operate. Ultimately, this will alter the way healthcare practitioners conduct medical research, treat patients and deliver enhanced and more affordable health services for citizens.

This is a massive undertaking with many variables to consider and security needs to be front and centre in the design process, not an afterthought. As well as keeping patient data safe, healthcare institutions need to manage and secure every digital and physical thing that touches their networks. What do you need to think about?

First, medical records are tempting targets for cybercriminals. Your personal data is invaluable to you – but also to millions of other people. It is reported that personal health information offers 10 times the pay-out on the black market compared to stolen credit card numbers. Last year, two of Indonesia’s major hospitals, Dharmais Hospital and Harapan Kita Hospital, fell prey to a cyber-attack. Patient medical records and billing systems were held ransom by attackers who expected to be paid to free the data. Not only do these disruptions affect healthcare operations, they can threaten lives. Unfortunately, this is not an issue that will go away, but by working together through system and regulatory design, governments and the healthcare industry can better address the challenges of keeping patient data, private.

Second, manipulation of data can have a life or death effect. A few years ago in New York, Blackberry demonstrated how easily IoT-enabled medical devices can be hacked. Working with a white hat hacker, BlackBerry showed how it is possible to hack on a morphine-delivering hospital pump. They were able to control the pump remotely from the hypothetical healthcare system network, install malware and take over the pump – delivering lethal unsafe doses of morphine to an unsuspecting patient.

Third, your staff doesn’t know what to do. The reality is that investing in information security, along with training and staff procedures – is just as important as investing in that latest life-saving drug or medical device. In a survey carried out by global consulting firm PwC showed that only 31% of healthcare payers and providers invest in equipping their staff with industry security practices for the Internet of Things. Most data breaches start internally and hackers often look to exploit the weakest link. 

As the severity of cyber threats continues to escalate worldwide, it is imperative for the healthcare industry to take a proactive stance in safeguarding data transmissions between networked devices. This includes putting solutions in place to secure and manage volumes of data while complying with existing regulations. This is particularly challenging when IT departments are under pressure, balancing legacy systems along with increasingly mobile workforces and new connected devices.

BlackBerry defines this network of intelligent connections as the Enterprise of Things (EoT): that is the devices, computers, sensors, trackers, equipment and other things that are changing the way that companies operate; the products they make and how they serve customers.

For the heath sector, it is the way services are delivered, patients are treated and ultimately, how lives are saved. The question is, how can healthcare institutions do this effectively?

Hack your systems

Many organisations devote all their time to sourcing and building the best security technologies and are misguided that their systems are foolproof. Until they recruit professional ethical hackers and involve their employees in a simulated real world cyberattack, they will not truly know how robust their IT systems are. These simulated attacks could include sending out phishing emails and employ social engineering techniques to test staff, then take action. They should find out where their vulnerabilities are, and develop a countermeasure to rectify it, including necessary training.

Employ a defense in-depth approach to security

While some healthcare providers understand the need to keep their physical and digital assets secure, they realise that they lack the expertise to do so. They do not know how to put in place access management policies and establish cybersecurity audit processes. There is a need for these healthcare institutions to partner with a cybersecurity solutions provider that will deep dive into their company’s systems to ensure that information at every layer (network, device and software) is secure.

Train your workforce

Ask any cybersecurity expert and they will tell you that your employees are the weakest link. They could be exploited by malicious attackers through a myriad of methods, for example through a phishing email or social engineering techniques. It is crucial to keep your staff abreast of the latest cybersecurity best practices and your company’s latest cybersecurity protocols. Conduct regular training sessions, both when staff are on boarded and then ongoing. You can also consider appointing a cybersecurity ambassador to ensure that these policies are followed. All these steps create a culture of culture of cybersecurity awareness and accountability that can effectively minimize risk of data breaches.

Regularly test your systems

Healthcare leaders are sometimes too engrossed with the process of fortifying their security strategy that they forget to consider how they can minimise the negative impact should an incident occur. While prevention is key, preparation remains vital. They should test their systems along with crisis communications notifications to manage cybersecurity threats or major incidents that compromise people’s safety. Crisis simulations involving employees remain one of the best ways to ensure that the health institution is well-prepared.

Healthcare institutions closer to home can learn from examples like Melanoma Institute Australia, which is taking a proactive approach towards data protection and cybersecurity.  It is trialling BlackBerry Workspaces to share medical research securely for a disease that causes 75% of skin cancer deaths in Australia.

In fact, BlackBerry is working with healthcare customers all over the world in different ways to safeguard data and enable secure collaboration using our software. We are also delivering cybersecurity services to train hospital staff and test medical systems, along with crisis communications notifications to manage cybersecurity events or major incidents that threaten people safety. 

Gartner predicts that a quarter of enterprise security attacks will be caused by connected things by 2020. The reality is, the Enterprise of Things is here and the healthcare sector is both the most at risk – and the most underprepared.

Putting the systems and procedures in place to deliver a healthy and secure digital healthcare system will protect patient health information and support medical innovation by removing barriers to collaboration. Ultimately, this will only build more trust in the healthcare systems across Asia Pacific and lead to more positive outcomes for all healthcare professionals and patients alike.

Posted on: 24/05/2018 UTC+08:00


News

China Isotope & Radiation, which manufactures diagnostic and therapeutic radiopharmaceuticals products, has launched its HK$1.9 billion (US$247 million) IPO on the Hong Kong Stock Exchange.
Malaysian multinational PRG Holdings has extended the deadline for its M$18.3 million (US$4.6 million) acquisition of O&G focused private medical services provider Roopi Medical Centre.
Hong Kong-listed WuXi Biologics, a subsidiary of WuXi PharmaTech, has started the construction of an integrated biologics conjugate solution centre in Wuxi city.
RHT Health Trust, the first business trust listed on the Singapore stock exchange with a portfolio comprising healthcare assets in India, has confirmed that it has received all outstanding amounts due from India’s Fortis Healthcare for the past financial year.
Shares in Ramsay Health Care, Australia’s largest private hospital operator, slumped today after the group cut earnings guidance. It flagged up “onerous lease provisions” and asset writedowns on a number of its hospitals in the UK.
Following Monday’s 5.9 magnitude earthquake which struck Osaka, Parkway Life REIT, which is owned by IHH Healthcare, has confirmed that its Japan asset managers, operators and residents at its Japan healthcare facilities are accounted for with no reported injuries.
Singapore-listed property developer Perennial Real Estate has incorporated a new subsidiary in China. Perennial (Shanghai) Health Management will be involved in the management of its healthcare business in Shanghai.
Yestar Aesthetic Medical Group, the second largest private aesthetic medical institution group in China, is planning an IPO on Hong Kong’s mainboard. CICC is sole sponsor to the deal.



Analysis

Aon’s inaugural Asia Healthcare Trends Report 2017/18 shows that although Hong Kong has a lower medical inflation rate than the average in APAC, it is the highest in Greater China.
Out of date and unsecure fax machines are still being used to share patient information between healthcare providers in Australia. Not only do fax machines cause frustration for healthcare providers trying to communicate with each other, they can also cause patient harm.
Health and well-being programmes are fragmented and do not meet the needs of stressed Asia workforces, finds Willis Towers Watson. By and large, employers in Asia still miss the mark when it comes to their health and well-being benefits, with many employees feeling that their needs are not met, according to research from the global advisory, broking and solutions company.
According to a survey of biopharma companies by L.E.K. Consulting, the majority of firms from Western Europe or the US are interested in China, specifically those at Phase 2 or later development.
Sara Jost, global healthcare industry lead at BlackBerry, explains that putting the systems and procedures in place to deliver a healthy and secure digital healthcare system will protect patient health information and support medical innovation.
Joseph Soon, global digital director at Bupa, explains why industry players must stay agile in the market and act fast to take every opportunity the digital age has to offer.
The Asia-Pacific (APAC) healthcare industry is undergoing rapid transformation with a dramatic shift in consumer behaviour and expectations, opening up growth opportunities across diagnostics, regenerative medicine, medical tourism and digital health.
Tan Chorh Chuan, executive director at the Office for Healthcare Transformation and chief health scientist at the Ministry of Health in Singapore, explains why population health improvement has to become a crucial area of focus.
my images

Podcasts

HealthInvestor Asia twitter feed