Big Thinks is the Digital Magazine of the Global Mastermind Group

HIPAA: An Uncertain Foundation in a Big Data World

Karyn Mullins, Big Thinks Contributor, Healthcare data is powerful in the hands of healthcare professionals and hackers.

Technology, Data, and Medicine have gone hand and hand for many years, and 2020 delivered the largest funding year to Digital Health to date.

The Patient Data Collection Explosion: Technology has increased the amount of Protected Health Information (PHI) that is collected and shared. 

  • Wearable devices, Electronic Health Records (EHR), and the Internet of Medical Things (IoMT) have made data the new healthcare currency.
  • Chatbots and virtual assistants will increase the collection of healthcare data.
  • Healthcare data will experience a compound annual growth rate (CAGR) of 36 percent through 2025.

Medical Data is Valuable to Bad Actors: According to a 2019 Trustwave report, medical/healthcare data is worth exponentially more than financial data such as credit card data.

  • Healthcare data contains personally identifiable information that can be used for identity fraud.
  • Healthcare data can be used for financial fraud.
  • Healthcare data can be used to commit health insurance and Medicare fraud.

The Impact of a Data Breach: Data breaches have a multifaceted impact.

Breaches are costly. According to the IBM 2020 Cost of a Breach Report, the average cost of a data breach is $7.13M, and healthcare breaches are the most costly.

Breaches are damaging to patient and healthcare relationship trust.

  • People view data protection as a right – not a privilege.
  • The National Committee on Vital and Health Statistics says there are dangers to health privacy interests caused by inappropriate data access, storage, transmission, or analysis.

The Probability of a Breach is High: As the use and value of technology in healthcare continues to rise, the number of interconnected devices grows as well. Data and Electronic Protected Health Information (ePHI) shared across these interconnected devices create more opportunities for bad actors to attack. 

  • In late October 2020, the FBI and Homeland Security issued a warning to hospitals about an “imminent cybercrime threat to US hospitals and healthcare providers.”
  • Healthcare providers have seen a 45% increase in cyber attacks since November, and the healthcare industry accounts for 79% of the attacks in 2020.

HIPAA designed for yesteryear: The Health Insurance and Portability and Accountability Act (HIPAA) was signed into law in 1996.

  • HIPPA was created around the same time that the internet was seeing increased use.
  • The purpose of HIPPA, when signed, was focused on helping employees with the transferring of their health insurance between jobs.

HIPAA Security Requirements: Under HIPAA, Protected Health Information (PHI) and Electronic Protected Health Information (ePHI) must create safeguards for protecting data. Healthcare businesses and organizations must develop policies and procedures that include:

  • Physical control of the data
  • Protections around access to physical data
  • Technologies to protect electronic communications

Bridging HIPAA for Data-Driven Healthcare: A recent article in HIPAA Journal summarized the issue well, “The use of technology and data sharing is essential for improving the level of care that can be provided to patients, yet both introduce new risk to the confidentiality, integrity and availability of healthcare data.  While policies are being introduced to encourage the user of technology and improve interoperability, it is also essential for cybersecurity measures to be implemented to protect patient data.”

Multiple stakeholders will need to work together to keep the ecosystem safe.

Patients sharing information through unsecured channels while away from home will continue to be a significant risk to privacy. Healthcare providers must educate patients on the importance of only accessing and sharing data on secure devices and internet connections. And patients must implement those practices.

Healthcare Industry leaders must take proactive steps and invest more money to update their technology infrastructure to harden them against cybersecurity threats. According to Fierce Healthcare, only 23% of healthcare organizations have fully deployed security automation tools.

The Government needs to take steps to update HIPAA Regulations. HIPPA must be overhauled to address the framework for protecting patient data in a digitally connected and data-driven healthcare ecosystem.

The Bottom Line:  Data improves patient care and outcomes and must have a safe ecosystem that protects healthcare data privacy.

Read More Big Thinks

Big Thinks April 2021 Cover Tracy Levine Forbes Coaches Council and CEO Advantage Talent Inc

Hiring Goes Hybrid: Social Recruiting is Overtaking Traditional Methods of Hiring

The internet has facilitated the most significant impact on how we get hired. For your career to continue to experience growth and expansion, it is crucial that you know where to be seen and heard online. Getting hired in 2021 will require a multi-faceted approach, including targeted resumes and applying for jobs online while capitalizing on the new innovative ways hiring managers are using the internet and social media for hiring.

Read More »
Big Thinks April 2021 Alicia Alfonso

Social Impact: Going Hybrid

The world is no longer split between social impact and non-social impact. We’ve entered a time when every organization, government, and citizen is expected to improve the world around them in one way or another.

Read More »

IT Goes Hybrid

In this era of digital globalization, data sovereignty and privacy issues have become a constant challenge for companies that are running businesses locally or globally. Globalization demands for information flow across the borders. Cloud technology has removed the geographical barriers of data storage, providing companies the ability to store information anywhere globally.

Read More »
Big Thinks April 2021 Cover Karyn Mullins Contributor

Healthcare Delivery: The Future is Hybrid

We expect to order an item online but return it to a physical store and buy groceries online but drive a physical location for quick pickup. This digital transformation has been ongoing in many other industries for years and has now arrived in healthcare.

Read More »