Healthcare organisations are digitising processes, functions and data as they uncover the benefits of clinical transformation – but this is leaving them open to nefarious cyber activity. The more digital interfaces created by electronic health systems, the greater the cyber ‘attack surface’.

Undertaking a new healthcare project or initiative requires changes across processes, job roles, organisational structure and technology. While the focus is often on safe clinical care, there is less recognition that access to patient data and ensuring it’s handled safely is a key part of this. Embedding ‘security-by-design’ into the foundations of a clinical digital transformation project is paramount.

Why? Because healthcare data contains our most confidential information and is attractive to a criminal organisation or foreign adversary.
How healthy is that population? What are some of the healthcare trends? Could this information be used to exploit or cause embarrassment? 

With the 2020 Cyber Security Strategy recognising healthcare systems as a matter of national importance, the provision of IT security must also be elevated. Hospitals and healthcare providers can no longer underinvest and underperform when it comes to cyber security.

From bedside care to data warehouses and smart devices, the flow of patient data must be secured at each step along the way. IT providers and integrators need to ensure systems don’t introduce vulnerabilities or weaknesses that are open to exploitation.

The health sector has often been seen as a laggard when it comes to cyber security, falling far behind sectors such as financial services, and energy and resources. But now is the time for healthcare providers to rise to the challenge. Security must be a core and critical work-stream for any electronic medical or healthcare program. Without data security at the heart of healthcare systems, patients will lose confidence in the ability of organisations to deliver good health outcomes.

Addressing this means embedding a safety focus in digital health technology initiatives such as electronic health records. In determining the outcomes of these projects, security must be a key metric for consideration. It also includes educating and training healthcare practitioners on the tell-tale signs of potential cyber attacks.

Today more than ever, the privacy and security of patient information is critical for the successful operation of a world-class healthcare system. As the turbulent times we live in elevate the importance of healthcare data, it’s abundantly clear our protection of it must increase too.

For more on the importance of cyber security, read Deloitte’s submission to the 2020 Cyber Security Strategys