As the development of Internet of Things (IoT) continues to mature, we see these new technological advances are shaping the healthcare industry. In March, Apple launched different health-focused apps, including CareKit which is an open-source framework for making health apps.
Meanwhile, the payment industry has also come together to simplify users’ lives. MasterCard is looking at security measures beyond facial recognition and fingerprint sensors, including heartbeat recognition: using a sensor to read a person's electrocardiogram.
These innovations, while interesting and potentially life-changing, come with a high risk of security breach.
Do you know you can put a man’s life in danger just by accidently leaking the serial number of his pacemaker? When hackers obtain this information, they can easily break into the device and shut it down remotely. There are a myriad of potential security issues to both users and healthcare organisations.
Recently, a breach was discovered when the Department of Health found some suspicious files in its server. Hackers may have accessed up to 17,000 personal and clinical files kept by the department.
The Hong Kong government, conscious about privacy and security, took more than six years to review and weigh privacy concerns before launching a system that could enable both public and private healthcare institutions to access patients’ health records comprehensively for timely treatment, though it seems it is still hard to get rid of hackers.
Data is the core value of any healthcare business, making them very easy targets to hackers. According to an annual Cost of Data Breach Study by Ponemon Institute sponsored by IBM in 2015, healthcare emerged as the industry with the highest cost per stolen record with the average cost for organisations reaching as high as US$363 per record.
This figure is more than double the average global cost of data breach per lost or stolen record which is US$154.
Therefore, security needs to be re-examined from an application perspective to ensure user access to applications are end-to-end protected and optimised. When healthcare records are open to be accessed by doctors and patients outside of the Department of Health network, this certainly increased the security vulnerability and risk.
Organisations should stay vigilant, protecting not just hardware infrastructure but also user access, applications, and the network that is transmitting large volume of sensitive data. It’s crucial for both users and healthcare organisations to understand what counter-measures they should take to safeguard their data.
The views expressed in this column are the author's own and do not necessarily reflect this publication's view, and this article is not edited by Hongkong Business. The author was not remunerated for this article.
Do you know more about this story? Contact us anonymously through this link.
Based in Hong Kong, Juni Yan is F5 Networks' Managing Director for Hong Kong and Taiwan. She is responsible for business expansion in Hong Kong and Taiwan, and charting of new business and channel strategy across Greater China region.