How to manage healthcare data securely

Clear Skye's CSO Jackson Shaw tells us how healthcare providers can manage data security

With discussions about rolling out vaccine passports and the recent news that England's NHS is set to share people's medical records with third parties, there are more concerns around data privacy than ever before. 

Here Jackson Shaw, Chief Strategy Officer at Clear Skye, a developer of identity governance software, tells us about the steps healthcare organisations can take to manage data securely. 

Which are the greatest challenges healthcare providers face in terms of managing data and security? 
The greatest challenges are ensuring that they do not run afoul of the many regulations related to data security like HIPPA, PII, GDPR, and related laws. In a sense, these rules have forced many providers to implement more secure practices when it comes to handling data, but it hasn’t necessarily armed them with the tools to do so in an effective way. 

For example, many healthcare organisations still manage access and privileges through very manual, resource-heavy, siloed processes, which can be both inaccurate and inefficient. The best way to mitigate these compliance challenges is to automate wherever possible. Not only do you free up IT staff for more mission-critical projects, but you gain a more cohesive, streamlined view of security posture throughout an entire organisation. 

As healthcare increasingly goes digital, how do you see this evolving? 
As more organisations migrate workloads to the cloud it is increasingly important that they understand how access to their data will change and the new security threats that may emerge. 

In addition, the advent of remote and hybrid work models, telehealth and virtual appointments, and electronic medical records (EMR) are the new “open doors” to your business assets. Enabling proper access and security for patients, contracts, employees — all of whom may be remote — is of paramount concern.

What are your top tips for healthcare providers to keep data secure? 
Healthcare providers need to protect themselves from both unauthorised and authorised access to their data and systems. To safeguard against external threats (hackers), organisations should store all data in an encrypted format wherever that data is located — the cloud, on-premises or in the possession of a SaaS provider(s) you might be using.

To best protect against insider threats, it’s important that strong controls are in place to monitor access to systems, promptly remove access to systems when authorised individuals leave the company or change positions and no longer require access to systems or data that are no longer part of their job.

Share

Featured Articles

The Taiwan Excellence Award Winners on new technologies

Cypress Technology, Dacian Technology Material, Chroma ATE, Taiwan Advanced Nanotech & iDRC Chyng Hong Electronics are the Taiwan Excellence Award Winners

World Hepatitis Summit 2022 to support healthcare workers

The World Hepatitis Summit 2022 calls to prevent viral hepatitis as cases soar in children and healthcare workers struggle with the stigma

5 minutes with Yoni Nevo, CEO of Sweetch

At behavioural science company Sweetch, CEO Yoni Nevo treats chronic illnesses with digital therapeutics solutions, using AI & emotional intelligence

Canada’s telehealth support for Ukrainian healthcare workers

Technology & AI

How Contura’s hydrogel technology can help patients knees

Technology & AI

MVP Health Care’s Kim Kilby on hybrid healthcare’s future

Hospitals