Safeguarding medical data in today’s increasingly-complex IT landscape
As 2018 draws to a close, healthcare represents a key target for cybercriminals worldwide. Not only are security threats developing at a rapid rate, many cash-strapped hospitals and trusts are also forced to rely on IT systems that often consist of a mishmash of outdated legacy software and hardware, leftover from previous generations of IT. These are the same organisations that hold reams of personal data about their patients’ most private medical conditions and concerns. This conspicuous lack of adequate infrastructure means their data can be easily compromised and monetised for fat profits on the dark web.
This situation isn’t acceptable in a sector where any disruption to operational continuity can cost lives. For example, WannaCry, a relatively unsophisticated Ransomware attack, managed to bring the UK’s National Health Service (NHS) to its knees in May 2017. Though the exact scale of the damage is almost impossible to estimate, 19,000 appointments were thought to have been cancelled in total, alongside £92m in damages.
Quite often, the conversation around safeguarding medical data begins and ends on investing in more cyber security solutions. However, investment in cyber security alone is no guarantee of safety. The potential dangers on the horizon aren’t just limited to cyber-attacks. There’s a wide range of potential disasters that need to be prepared for.
The causes behind spiralling complexity
Advances in medical technology, alongside a rapidly aging population, mean the amount of critical medical data that needs to be backed up safely is now only set to increase. For example, rapid developments in Healthtech, Big Data and the Internet of Things bring huge benefits to patients but, as a result, the amount of data that will need to be recovered in an emergency will end up increasing exponentially.
Research by IDC indicates that the volume of healthcare data worldwide is projected to skyrocket to 2,314 exabytes by 2020, from only 153 exabytes in 2013 (an exabyte equals a billion gigabytes). As such, hospitals and trusts need to have their backup capacity ready to cope with this growth as well as increase in tandem with the needs of their evolving systems. Cloud based backups can allow hospitals and trusts to keep up with this growing demand, without having huge initial outlays in terms of upfront investments in physical infrastructure, which is not as easy to procure or as flexible. It’s this scalability that will prove invaluable for the sector moving forward, as it continues to grow and transform in terms of data needs and requirements in the near future.
- The Falsified Medicines Directive: guidance for wholesalers, distributors and logistics partners
- Novartis agrees to acquire Endocyte for $2.1bn
- Merger Boom: What to expect from M&A and healthcare costs
It’s hard to win a fight when you’re already handicapped – but that’s what it’s like for many healthcare providers. For many, their IT ecosystems are multi-generational, containing hardware and software from many different eras, much of which has either not been designed to talk to one another or out of date, creating issues when it comes to collaboration and security. As a result, systems are left vulnerable to attacks, crashes and other IT disasters.
But, despite being a challenge, the situation is thankfully no beyond repair. Moving to a single view, cloud-based backup solution can help to unify and smooth out issues involving different systems, platforms, data types while still supporting a backlog of legacy software and hardware, providing the scalability and cost effectiveness of the cloud without having to pull the plug on the older systems.
When there are lots of eclectic and hard to co-ordinate moving parts in the mix, organisations can make disaster recovery easier to manage by conducting an audit of their risk profiles, to determine which data is most critical for them, then determining where this lies. This means discerning their Recovery Time Objectives (RTOs), a metric that describes how long it takes to restore your backups, and their Recovery Point Objectives (RPOs) which measures the amount of the data that they can stand losing during the recovery process, and then using these to formulate a backup strategy in conjunction with management.
Ensuring IT continuity instead of chaos
Whether it’s cyber threats or out of date software, safeguarding mission-critical information doesn’t come easy. In fact, our research found that 64% of IT decision makers believe that protecting data hasn’t got easier in the past five years.
However, with so much riding on the continuity of your systems, it’s how you handle any potential interruption that counts. Disruptions happen, regardless of how well you prepare and put security solutions in place. There is always the possibility of someone making a mistake. This means healthcare providers need to make sure that the show is set up to go one regardless of what happens. That disruptions are reduced to barest minimum, and that end users can continue to enjoy the seamless experience they desire.
Whether this includes making a jump to the cloud, determining whether RTO or RPO is more business critical or employing the very best emerging technologies, healthcare providers must be able to find the right balance and eliminate the fear, uncertainty and doubt that comes with insecure IT systems.
- Protect whistleblowers to protect patients across healthcareHospitals
- 48% of women say work has a negative impact on mental healthDigital Healthcare
- The Boston Consulting Group healthcare data reportDigital Healthcare
- Digital healthcare with OSF HealthCare & Current HealthDigital Healthcare