Cybersecurity

profileHotmess
CBR600_SampleProject2HealthcareCyber.docx

1

9

The Complexity and Evolving Technologies of the Healthcare Industry

Good Student

University of Maryland Global Campus

Course

Instructor

Date

The Complexity and Evolving Technologies of the Healthcare Industry

The healthcare industry as we know it is constantly evolving and growing exponentially every year for many reasons, such as regulation changes from federal and state agencies, changes to coverage from health insurance companies, illness trends, developments in medicine, and demographics of medical staff. Two of the most important reasons are due to the evolving medical needs of patients and the advancements in technology that provide viable options to these patients in need. These technology advancements in the healthcare arena has generated interest from cybercriminals. Cybercriminals have no preference in whom they target if they can gain profit or cause a negative impact to the end user(s). When these vulnerabilities are discovered and attacks occur in the healthcare industry, it could literally mean the difference between life and death for patients. This critical outcome has created a high demand for cybersecurity and technical personnel in this industry to implement them. Three of the top trends in the healthcare industry as it relates to cybersecurity are the increased dangers of 3D printing in medicine, revolution of big data and advanced analytics in the healthcare system, and Internet of Things (IoT) and cloud computing as a security threat to healthcare. This paper will focus on the complexity of the healthcare industry and how transitioning to the Internet of Things and cloud computing has created a large security threat to all medical practices around the world.

Top Trends of the Healthcare Industry

Technologists and companies around the world have embraced the importance and endless possibilities of 3D printing (NAICS 323111). 3D printing is a manufacturing process that creates a three dimensional object by incrementally adding material until the object is complete (this contrasts with subtractive manufacturing techniques such as carving or milling, in which an object is created by selectively removing parts from a piece of raw material) (Lacoma, 2018). Many manufacturing companies first began using 3D printing to resolve some of their most difficult problems and improve the efficiency of their processes. The healthcare industry began to take notice and medical experts began developing ideas on how this technology could be implemented in their medical practices. 3D printing in healthcare makes it possible for medical professionals to provide patients with a new form of treatment in several ways. 3D printing is used for the development of new surgical cutting and drill guides, prosthetics as well as the creation of patient-specific replicas of bones, organs, and blood vessels (Izukor, 2019).

Although the benefits of using this technology in medicine are endless, the process has created a heightened risk of misuse or tampering by cybercriminals. If a hacker can obtain the digital design files or proprietary information about the design of a medical product such as prosthetics, they could potentially introduce flawed design modifications. For example, in some cases, simply changing the orientation of a product during 3D printing may affect its strength and utility for a specific purpose (Redding, 2019). These unwanted modifications could lead to severe damage to patients and cost the healthcare industry millions in settlements. This scenario has created the demand for better cybersecurity against these attackers. Security experts have begun encouraging these companies to begin using removable drives exclusively, soundproofing walls, installing firewalls, and unplugging these printers from the internet to help with reducing the number of successful cyber-attacks.

The introduction of big data (NAICS 518210) within the healthcare industry is building momentum and seemingly transforming the way patients and healthcare providers are providing services. Currently, the primary data pools for the big-data revolution in healthcare are activity (claims) and cost data, clinical data, pharmaceutical R&D data, and patient behavior and sentiment data (Groves, Kayyali, et al., 2013). As the data from these four data pools accumulate over time, analytic teams can develop advanced algorithms, applications, proactive treatments, trends, and insights that are impactful to all stakeholders of the healthcare industry. Advanced analytics is key to ensuring data is quickly reviewed and the best options are made available to health professionals. For example, claims data may show that a patient has tried three treatments for cancer, but only the clinical data show us which was effective in shrinking the tumor (Groves, Kayyali, et al., 2013). Examples such as this demonstrate how this data can help with the outcome of a patients’ health, assist physicians with choosing the proper procedures, and reduce cost on unnecessary treatments. In parallel to the implementation of Big Data across all medical practices, personal data such as electronic medical records and devices are constantly being compromised by criminals. Each of these incidents result in fines and remediation cost to patients. For example, in 2018 a major health insurance company paid a record $16 million HIPPA fine when nine million patient health records were exposed (Baker, 2019). For now, to address the need for better cybersecurity, the Department of Health and Human Services (HHbS) released reports on cybersecurity best practices and understanding the risks of using certain technologies.

The Internet of Things (IoT) (NAICS 541330) is currently a relatively new market not only in the healthcare industry, but most industries. The IoT is a megatrend in next-generation technologies that can impact the whole business spectrum and can be thought of as the interconnection of uniquely identifiable smart objects and devices within today’s internet infrastructure with extended benefits (Islam, et al., 2015). With the introduction of IoT in healthcare, cloud computing has played a pivotal role in their complimentary relationship. While IoT produces large amounts of data, the primary responsibility of cloud computing (NAICS 541519) is to ensure the data is guided and stored in the correct locations. These technologies have helped to improve the efficiency in healthcare operations. With the growing complexity of this industry along with the adoption of IoT and cloud computing, a large security threat is beginning to manifest itself within healthcare.

Growing complexity of the healthcare industry

The importance of the healthcare industry is undeniably vital to most living beings and species as patients visit medical facilities as often as once a year or as many as five times a week to meet with their health professionals. As the population continues to live longer lives, the higher the demand for healthcare services. The reason the healthcare industry is perceived as complex is due to the multilayers of medical services, growth of industry worldwide, lengthy list of laws and regulations, advancements in technologies, unique cost models, and the differences between each layer. For example, the health care system comprises networks of components (hospitals, clinics, nursing homes, rehabilitation units, patient homes, families, and patients) that interact nonlinearly on different scales (the patient, family, medical center, and government), and often produce unintended consequences (adverse drug reactions, nosocomial infections, rehospitalizations, and functional decline) (Lipsitz, 2012). Every year these components change as well as grow exponentially in size which inadvertently impacts consumers of the healthcare industry. In order to address some of the complexity and industry growth, technology advancements were implemented and continually improved in which we will be described next.

The adoption of IoT and cloud computing

As the populations continue to thrive into longer years, decline in health professionals, growth of electronic data, and the demand for remote medical monitoring, the advancements of technology have provided solutions to many of these issues. One example of the IoT in healthcare is the Continuous Glucose Monitor (CGM) that monitors the blood glucose levels. The body sensor collects data and uses Wi-Fi to send information to the appropriate cloud infrastructure. When the readings are above normal levels, the physician and patient are notified along with corrective actions. A similar technology is the Bluetooth-enabled weight scale and blood pressure cuff that tracks patients’ conditions following cancer treatments as soon as they depart the medical facility. Like the CGM, cloud computing is vital when this data is collected from the sensor as it needs to be stored, processed, and made available in a user-friendly dashboard/application within seconds of collection. The cloud computing infrastructure provides the essential resources (like CPU, storage and application servers) for deploying the web application and the interfaces that enable the communication with the sensors and the various external systems (Doukas & Maglogiannis, n.d.). The adoption of IoT and cloud computing has saved lives due to proactive monitoring, reduced costs to medical providers, and has made viewing patients’ current vitals readily available from any network connected device.

The costly security threat of healthcare technology

As more technology is implemented throughout the industry, the security threat grows in parallel. Adding connectivity to these devices has led to revolutions in medical science and have changed the way institutions are able to care for patients, but not without added risks. Without proper cybersecurity in place, electronic patient records containing personally identifiable information and network connected medical devices are subject to cyber criminals. When criminals can illegally access this sensitive data, they manipulate the functionality of medical devices, perform ransomware attacks on systems at medical facilities, create false identities, and other attacks that negatively impact operations.

Whenever data is exposed to the internet, the risk of the data being compromised is prevalent, but the stakes are much higher when it relates to healthcare and the protection of patients.

How healthcare can address the security threats

Any network connected devices are vulnerable to be attacked by cybercriminals, but there are security best practices that could limit or prevent these security threats. At a minimum, the IT staff could ensure users regularly perform security updates, educate users about phishing techniques, deploy encryption tools, enforce strong password combinations, and provide users with security best practices. In addition, health systems and companies should communicate cybersecurity plans to community leaders, policymakers, patients and other stakeholders to build confidence and generate best practices (Baker, 2019). Collaboration in and outside this industry is essential in order to maintain and adapt to the constantly changing landscape of cybersecurity.

Conclusion

To conclude, this paper provided information regarding top trends in the healthcare industry as it relates to cybersecurity. It also discussed the security threat that this industry currently faces with the growth of technology advancements in the medical field. Depending on the sensitivity of data collected by cybercriminals, the damages could result in huge financial losses, reduction in employment, life-threatening scenarios, or even closure of medical facilities. In order to mitigate the multiple security threats in this industry, the IT department within each medical provider would need to strategically develop guidelines and policies that involve implementing various security best practices without impacting medical operations.

References

Baker, M. (4 February 2019). Big Data Transforming Healthcare, But Cybersecurity Issues Loom. https://www.wileyconnect.com/home/2019/2/4/big-data-transforming-healthcare-but-cybersecurity-issues-loom

Burrill, S. & Beaudoin, D (2019). 2019 US and global health care industry outlook. https://www2.deloitte.com/us/en/pages/life-sciences-and-health-care/articles/us-and-global-health-care-industry-trends-outlook.html

Doukas, C. & Maglogiannis, I. (n.d.). Bringing IoT and cloud computing towards pervasive healthcare. https://www.researchgate.net/profile/Ilias_Maglogiannis/publication/261431852_Bringing_IoT_and_Cloud_Computing_towards_Pervasive_Healthcare/links/563c7e4708ae45b5d288eb41.pdf

Groves, P., Kayyali, B., Knott, D., & Kuiken, S. (2013 January). The ‘big data’ revolution in healthcare. http://repositorio.colciencias.gov.co/bitstream/handle/11146/465/1661-The_big_data_revolution_in_healthcare.pdf?sequence=1&isAllowed=y

Islam, S.M., Kwak, D., Kabir, H., Hossain, M., & Kwak, K. (4 July 2015). The Internet of Things for health care: A comprehensive survey. https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7113786

Izukor, C. (6 May 2019). Cyber security trends in healthcare. Retrieved from https://blog.veriato.com/cyber-security-trends-in-healthcare

Lacoma, T. (16 June 2018). What is 3D printing? Here’s everything you need to know. https://www.digitaltrends.com/computing/what-is-3d-printing/

Lipsitz, L. (18 July 2012). Understanding health care as a complex system. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3511782/

Redding, H. (5 July 2017). The cybersecurity risks of 3D printing. https://bdtechtalks.com/2017/07/05/the-cybersecurity-risks-of-3d-printing/