With GoodRX making the news, not in a good way, but for trading healthcare data to Big Tech in exchange for your healthcare information, they would receive the benefit of targeting people with various health conditions, etc. Oh and it isn’t the first time they have been caught doing this. It should also be noted as we have discussed previously that your healthcare information is sold in increasing frequency. So what is the big deal…

Patient health records are some of the most sensitive and personal information a person can have. They contain details about a person’s medical history, treatment history, and current health status. The exposure of this information can have devastating consequences, both for the individual and for society as a whole.

One of the primary dangers of patient health records being exposed is the potential for identity theft. The information contained in these records can be used by criminals to commit fraud and other crimes. For example, a criminal could use a person’s name, date of birth, and health insurance information to obtain medical services or prescription drugs in their name.

Another risk of exposure is the potential for discrimination. Employers, insurance companies, and others may use the information contained in patient health records to make decisions that are not in the best interest of the individual. For example, an employer may decide not to hire someone based on information contained in their health records, or an insurance company may deny coverage based on pre-existing conditions.

In addition, exposure of patient health records can also lead to embarrassment and emotional distress for individuals. The information contained in these records is often private and personal, and the exposure of this information can cause individuals to feel ashamed or embarrassed.

Finally, exposure of patient health records can have a negative impact on public health. When the medical records of a large number of individuals are exposed, it can compromise the privacy of individuals and potentially lead to the spread of infectious diseases.

To mitigate these risks, it is important that healthcare organizations take steps to protect patient health records. This includes implementing strong security measures, such as encryption and access controls, to prevent unauthorized access to these records. In addition, healthcare organizations should also have policies in place to ensure that patient health records are only accessed by authorized personnel for legitimate purposes.

In conclusion, the exposure of patient health records is a serious issue that must be taken seriously by healthcare organizations and individuals alike. By taking steps to protect these records and ensuring that they are only accessed by authorized personnel, we can help to reduce the risks associated with exposure and ensure that the information contained in these records is used for the benefit of patients and society as a whole.

In today’s world, we are hearing more often about the rising trend of cyber attacks on the healthcare industry. Some research even compares that the healthcare patient’s data is more valuable than credit card data, some say its value is around 10-15 times that much. https://www.irishexaminer.com/news/arid-40293149.html 

There are several reasons for that, first of all, a credit card could be canceled, but for healthcare data, there is information that stays with the particular person forever. Getting access to all of that information could end in financial fraud and is much more complex to fix.

Additionally, the healthcare system and patients’ data could be a part of the cyber war between governments and hackers. The digital transformation in each area of our world also includes behaviors that have future consequences for all of us. Those consequences are not only by making the healthcare data more lucrative but any kind of disruption in our healthcare data could influence our health or getting the right treatment and medicine on time. One of our advisors was talking about the cyber wars that are going to appear more in the future. https://aihealthcarecapital.com/blog/the-growing-threat-of-cyber-attacks/

Going further with this path, cyber-attacks that are being made on hospitals could affect the quality of treatment we get. In a more and more connected world, with so many devices that could be a low point, we have to take care of and address challenging issues that are out there. At AI Safety Holdings we pay attention to the challenges that are appearing and coming for the healthcare industry. 

I talked about some other issues related to cybersecurity https://aihealthcarecapital.com/blog/cyber-security-and-ai-to-the-rescue/

The cyber-attack environment continues to grow at a staggering rate and the number of bots cruising around the internet is alarming. Consider also the growing amount of information stored electronically, a lot of it in cloud-based systems and you start to see the problem. Can Artificial Intelligence solve this problem, or reduce the risks in an organization. I strongly believe AI, with its machine learning and pattern recognition are a perfect fit in cyber-security systems.

Today, in our software based cyber world, it takes time for researched to detect a new threat and then additional time to write software to detect and eradicate it. This traditional approach cannot keep up with the ever-evolving threat landscape. This is one critical area where AI can be applied. Using predictive intelligence and Natural Language Processing, AI can quickly detect anomalies in systems and devices.

Taking on the internet of Bots is another critical area. The internet is full of these automated bots and you can’t battle something that is automated with a manual approach. AI can easily take on this task. For instance, looking at and detecting patterns an area AI is already being used in.

Using AI in these areas allows for the AI-based cyber security system to also predict risks or threat areas within the system and build defenses against them.

Tools being used today, including VPN’s rely on signatures and virus/malware definitions, which must be up-to-date to truly protect the systems they are meant to protect. AI easily takes us in the right direction and gives us a better set of tools.

There are a couple of potential downsides to using AI such as people and financial resources for companies using AI-based cyber protection, and also advserarial-AI attacks. Cyber criminals could use AI to fool machine learning models and pattern detection, tricking the system into accepting the newly detected patterns, or behavior as normal or even favorable.

In summary, cyber security needs to continue evolving and AI is the best possible future for this.

Healthcare Data and HIPAA(Health Insurance Portability and Accountability Act of 1996) Compliance are a constant challenge with the healthcare continuum.  With information breaches on the rise, many patients fear personal information might be compromised.    Cyber security and technology should be considered priority for all healthcare providers.  

Let’s consider what could happen if your office was a victim of data breach.  Many practices have thousands of patients in multiple locations which could turn into HIPAA violations across multiple states including hefty fines up to $50,000 per violation for your organization.  

According to the 2021 NSI National Health Care Retention & RN Staffing Report, the national hospital turnover rate is 19.5%.  With employees coming and going, data management and security should be reviewed more frequent.  In the past, most healthcare companies made reviews annually but the new norm with higher turnover might require quarterly review. 

There are many solutions for protecting your business through reputable companies that manage data security.  Internal solutions also define your risk for breaches.  Ensure your employees are trained, at minimum, annually.  The stronger policies for training and security help with the role you play in protecting your patient data.  

Consider your current security and don’t be afraid to explore your options to protect healthcare data so you won’t be the next victim.  

References:

(2018) Health Insurance Portability and Accountability Act of 1996 (HIPAA) Available at: Health Insurance Portability and Accountability Act of 1996 (HIPAA) | CDC (Accessed: May 25,2022).

Editor unknown. (2017) What are the Penaties for HIPAA Violations? Available at: https://www.hipaaguide.net/hipaa-violation-penalties/ (Accessed: May 25,2022).

Author unknown (2022) 2021 NSI National Health Care Retention & RN Staffing Report. Pg 18. Available at: NSI_National_Health_Care_Retention_Report.pdf (emergingrnleader.com) (Accessed: May 25,2022).

The world of cyber transactions has been tumultuous in recent years, with many expecting an exponential growth, and more recently, following Russia’s attack on Ukraine, the field has received the spotlight.

The last time I wrote here, I explained what the future wars would look like, I mentioned the maternity hospital attack in Ukraine, and estimated that since hospitals are not “out of the game”, they would need cyber defense services as well as entities.

In my opinion, a company whose technology will be defiantly implemented in very many hospitals in a few years’ time is Medigate (keep reading and you’ll see why).

Medigate, as its founders were graduates of the Israeli Intelligence Corps, was a promise from the very first moment. What is so special about Medigate is that it chose from its very beginning to go for a product designed and designated primarily for hospitals across the IoT space (IoMT). In this sense, the founders deserve double credit, not only did they know how to develop fine technology, but they also recognized the need to carry out segmentation in the cyber field, and provided “special treatment” to hospitals cyber needs. It was certainly innovative, and it turns out that an excellent business move as well.

Medigate’s product provides visibility to all medical devices connected to the network, and allows full identification of the types of devices, as well as analysis and understanding of the protocols, communication and behavior of each device on the network. 

Through the mapping of medical devices, Medigate’s product makes it possible to identify unusual patterns that may indicate attempts at cyber-attacks that may harm the safety of devices and private medical information of patients.

In addition, Medigate provides an alleged first-of-its-kind capability for managing and analyzing the data collected by the devices for the purpose of managing the medical device inventory in organizations. 

Medigate was founded in 2017 and since, has raised an aggregated amount of $50.4M, in 3 rounds

In December 2021, Claroty, the cyber giant, announced it entered an agreement to acquire Medigate as part of Claroty mission to secure all cyber-physical systems (CPS) across industrial, healthcare, and enterprise environments. The above investment brought Medigate total funding to $635 million, making it the most well-funded cybersecurity company in the industrial (OT), healthcare (IoMT), and enterprise IoT sector.

We are constantly receiving data whether we are a patient, a provider or a health network.  It would seem as though there is an underutilized network of data resources within these relationships just waiting to be tapped. 

Ever notice when you are visiting your PCP (Primary Care Physician) for your annual visit, the physician and staff type notes creating a digital footprint?  We live a “now” world with technologies far advanced from our ancestors.  What if these notes were used for the greater good?

That data struggle is real with a lingering digital dilemma.  There is this need for immediate data in ways we don’t usually consider.  Take for example, if one PCP managed more specialized cases with similar symptoms and prescribed similar remedies and this data was being timely managed, this could help the PCP make better decisions if he were receiving “real-time” statistics in relation to his patient care.  These barriers usually come with costs constraints and lack of technical help.

What if there was help?  What if you could afford it?  Would you take the next steps to advance patient care and outcomes?

If you spend any time at all on social media, particularly Facebook you have certainly seen the meme’s and quizzes that ask you seemingly harmless questions. There are also apps on Facebook that take this to a whole new level, by asking you to share your friends list, pictures, past posts and a whole litany of “personal” information.

Simple meme’s posing questions like, “Name the first car you owned”, “What was the name of your favorite pet”, or “What was the first concert you went to”. Beyond the meme’s there are some fun-to-take quizzes also, all designed to social engineer personal and private information from you, without you knowing. Yes, many of you reading this will say you stay away from the quizzes, but what about these simple meme’s, or certain Facebook apps?

Another security concern is the number of people on Facebook that “Check In” to various locations; the gym, the doctor or even Starbucks!

Facebook uses Artificial Intelligence (AI) to profile every aspect of your life, much of it was voluntarily provided to them… by YOU!

Identity thieves develop these meme’s and quizzes so that they can mine the data for criminal activity. Did any of the examples above sound like the type of security questions your bank may have asked you to select and answer?

What about passwords you use at work, including any type of authentication questions you have answered? Not only are these criminals targeting you, they may well be targeting the company you work for.

Bottomline: stay away from these quizzes, meme’s and research any application offered on Facebook prior to signing up!

According to government reporting the United States spends nearly 20% of GDP on Healthcare. A further breakdown shows that 31% was for Hospital Care and 20% for Physician and Clinical Services. Moving past the amount of money spent as illustrated above, this also represents an increasing amount of data within the healthcare system.  Traditional methods for protecting data are outdated and easily exploited by cyber attackers, including ransomware demands.

Blockchain to the rescue! Blockchain is a decentralized system, that puts the control over data; the protection, sharing of, traceability, security and confidentiality. Data privacy is of critical concern in healthcare, from supply chain to patient data and needs to be addressed with a new approach, enter Blockchain.

Blockchain technology is currently being used in the following 5 areas in healthcare:

• Supply Chain – the healthcare sector must ensure the provenance of medical goods to confirm their authenticity. Particularly in areas where counterfeit drugs are prominent. These counterfeit prescription drugs account for tens of thousands of deaths annually.

• Patient-centric electronic health records – Healthcare systems around the globe equally struggle with patient data silos, meaning they have an incomplete view of any specific patients’ medical history. Blockchain can supply a comprehensive single source of truth of a patient’s medical records

• Medical staff credential verification – Similar to supply chain tracking and transparency , blockchain technology can be used to track the experience of medical professionals.

• One of the biggest trends in digital health is the adoption of remote monitoring solutions, where all kinds of sensors measuring patients’ vital signs providing healthcare practioners a more complete view of the patients’ health. However these devices are coming under attack, blockchain helps to ensure that only authorized access is granted to this data.

• Billing and Insurance Provider Gateway Systems – Imagine the vast amounts of data shared between a healthcare provider and their billing system vendor, or even the insurance company. Insurance company goes beyond the patients’ healthcare insurer, it extends to the healthcare providers insurance issuer as well. Blockchain can help secure the data by ensuring transparence, a single source for truth and imitate and confirm the transfer of this data. 

These are only five examples where blockchain is benefiting the healthcare industry.

Towards the end of 2021, the Cybersecurity and Infrastructure Security Agency (CISA) announced a security breach for the Fresenius Kabi Agilia Connect Infusion System, which affected close to 1,200 pumps.  Shortly after the new year, close to 500,000 patients using pacemakers were compromised and were asked to install patches to protect them from harm.

Cyber compromise is an increasing concern for hospitals and providers across the world.  

From insulin pumps to pacemakers, these machines keep our loved ones alive.  If technology is placed in the wrong hands, there could be instantaneous complications.  Hospitals, manufacturers and health facilities need cost effective ways to manage the attacks while keeping patients safe and healthy.

AI Safety looks for ways to connect these folks to protect and save lives.

We’re all witnessing the war in Ukraine, and the horrific photos that come from there. A particularly striking photo is the photo from the maternity hospital which was viciously bombed. To me, this picture stood out especially because it reflects a particularly harsh moral conduct, yes, even in relation to a situation of war.

Now let’s go a step or two towards the future, and sorry in advance that I’m shattering John Lennon’s “Imagine” illusion for all of us. Wars, unfortunately will continue to happen. I do not see the world succeeding in eradicating the evil that exists in it completely.

In my humble opinion, the main and major difference between today’s and tomorrow’s war is going to be mainly – weapons type and characteristics. You do not have to be a prophet to assume that we will see much more use of cyber. There will be no need to necessarily bomb a power plant to shut it down, there will not be the same need for an air defense system to protect it. In order to disable the power plant, offensive cyber will be used, and instead of the air defense system, the power plant will need a defensive cyber system.

Call me naive, but where I come from, hospitals are taboo, never attacked. Every human being with little morality understands that there are goals that are “out of the game”.

The War in Ukraine in general and the attack on the maternity hospital in Ukraine in particular, give us a dramatic wake-up call accompanied by a huge exclamation mark, regarding the importance of defensive cyber, with a significant emphasis on medical institutions, since apparently, we cannot have the privilege to trust the moral and human codes of humanity when it comes to Wars.

Imagine a situation where, in the future, a random state or its proxies could cause complete chaos in the hospitals of the other state. Imagine, for instance, that dialysis patients hospitalized might fall victim to cyber manipulation on the devices that keep them alive, and this while innocent of any crime. Imagine a situation where in the middle of a critical brain surgery, there is a power outage. Know what? More simple and less dramatic (or actually much more so) imagine a situation where all the data of a particular hospital system is simply deleted and all the existing knowledge related to the hospitalized patients simply disappears. 

This thing, which is not as badly photographed as the physical demolitions of a hospital, is photographed much “better” and therefore much more likely to have such attacks done through cyberspace.

This is why, we at AISH have united together. For us, it’s much more than a business initiative, it’s a life mission. Our goal is to improve the world and the lives of millions living in it, our goal is to add power to good over evil.