Big Thinks is the Digital Magazine of the Global Mastermind Group

HIPAA: An Uncertain Foundation in a Big Data World

Karyn Mullins, Big Thinks Contributor, Healthcare data is powerful in the hands of healthcare professionals and hackers.

Technology, Data, and Medicine have gone hand and hand for many years, and 2020 delivered the largest funding year to Digital Health to date.

The Patient Data Collection Explosion: Technology has increased the amount of Protected Health Information (PHI) that is collected and shared. 

  • Wearable devices, Electronic Health Records (EHR), and the Internet of Medical Things (IoMT) have made data the new healthcare currency.
  • Chatbots and virtual assistants will increase the collection of healthcare data.
  • Healthcare data will experience a compound annual growth rate (CAGR) of 36 percent through 2025.

Medical Data is Valuable to Bad Actors: According to a 2019 Trustwave report, medical/healthcare data is worth exponentially more than financial data such as credit card data.

  • Healthcare data contains personally identifiable information that can be used for identity fraud.
  • Healthcare data can be used for financial fraud.
  • Healthcare data can be used to commit health insurance and Medicare fraud.

The Impact of a Data Breach: Data breaches have a multifaceted impact.

Breaches are costly. According to the IBM 2020 Cost of a Breach Report, the average cost of a data breach is $7.13M, and healthcare breaches are the most costly.

Breaches are damaging to patient and healthcare relationship trust.

  • People view data protection as a right – not a privilege.
  • The National Committee on Vital and Health Statistics says there are dangers to health privacy interests caused by inappropriate data access, storage, transmission, or analysis.

The Probability of a Breach is High: As the use and value of technology in healthcare continues to rise, the number of interconnected devices grows as well. Data and Electronic Protected Health Information (ePHI) shared across these interconnected devices create more opportunities for bad actors to attack. 

  • In late October 2020, the FBI and Homeland Security issued a warning to hospitals about an “imminent cybercrime threat to US hospitals and healthcare providers.”
  • Healthcare providers have seen a 45% increase in cyber attacks since November, and the healthcare industry accounts for 79% of the attacks in 2020.

HIPAA designed for yesteryear: The Health Insurance and Portability and Accountability Act (HIPAA) was signed into law in 1996.

  • HIPPA was created around the same time that the internet was seeing increased use.
  • The purpose of HIPPA, when signed, was focused on helping employees with the transferring of their health insurance between jobs.

HIPAA Security Requirements: Under HIPAA, Protected Health Information (PHI) and Electronic Protected Health Information (ePHI) must create safeguards for protecting data. Healthcare businesses and organizations must develop policies and procedures that include:

  • Physical control of the data
  • Protections around access to physical data
  • Technologies to protect electronic communications

Bridging HIPAA for Data-Driven Healthcare: A recent article in HIPAA Journal summarized the issue well, “The use of technology and data sharing is essential for improving the level of care that can be provided to patients, yet both introduce new risk to the confidentiality, integrity and availability of healthcare data.  While policies are being introduced to encourage the user of technology and improve interoperability, it is also essential for cybersecurity measures to be implemented to protect patient data.”

Multiple stakeholders will need to work together to keep the ecosystem safe.

Patients sharing information through unsecured channels while away from home will continue to be a significant risk to privacy. Healthcare providers must educate patients on the importance of only accessing and sharing data on secure devices and internet connections. And patients must implement those practices.

Healthcare Industry leaders must take proactive steps and invest more money to update their technology infrastructure to harden them against cybersecurity threats. According to Fierce Healthcare, only 23% of healthcare organizations have fully deployed security automation tools.

The Government needs to take steps to update HIPAA Regulations. HIPPA must be overhauled to address the framework for protecting patient data in a digitally connected and data-driven healthcare ecosystem.

The Bottom Line:  Data improves patient care and outcomes and must have a safe ecosystem that protects healthcare data privacy.

Read More Big Thinks

Big Thinks March 2021 Lisa Musich Contributor

From Self-Destruction to Self-Disruption

In today’s market, candidates (and employees) are experiencing the same dynamic pressures that affect SaaS and other technology products. By thinking of themselves as products and applying the same practices and techniques that lead to market success, they can remain current and meet the rapidly evolving needs of the most elite employers. Those that don’t will continue to fall further and further behind.

Read More »
Big Thinks March 2021 Michelle Galvani Contributor

Degrees or Skills?

Current wisdom states that companies are hiring skills over degrees. Why doesn’t it feel that way?
In the news: The story is disheartening, especially for the younger generations. 52% of recent college graduates are either unemployed or underemployed.

Read More »

Remote Work Allows More Inclusive Hiring

With remote working, the time has arrived for all to think about Diversity, Equity, and Inclusion (DEI) through a much broader lens than before. Companies have been primarily focusing on increasing diversity of gender and race and have spent less focus on creating an inclusive environment for people with diverse abilities and disabilities.

Read More »
Big Thinks March 2021 Jenya Peterson Contributor

Blockchaining the resume-the ultimate solution for the hiring manager?

Hiring managers are looking for candidates that can do the job, have the right skills, and fit well with the team. Blockchain is transforming recruiting by providing a fast solution to the long-standing struggle of validating candidates’ identity and skills. The question stands on what can and can not be part of the blockchained resume.

Read More »

The Modern Workforce Needs a Game Plan to Survive and Thrive

To ensure success in this dynamic environment, corporations worldwide are undergoing accelerated workforce transformation, redefining their talent assessments, deployments, promotions, and retention strategies. As members of the global workforce, we need a game plan to survive and thrive in this new world.

Read More »

Author