With patient data becoming digitized, the need for Health IT security is growing. Several electronic health record systems have gone through breaches in security, compromising patient data. Some of these breaches are due to misconfigured servers, ransomware, or using unencrypted laptops when dealing with patient information.
Two acts our government has put into place to penalize health organizations for breaches in security are the Health Information and Technology for Economic and Clinical Health and Health Insurance Portability and Accountability Act. While data sharing across hospitals and providers is important, making sure that data is secure is higher priority.
Symantec has come out with new technology dealing with analytics that will help with security - in combination with Fortinet’s new product, health systems will be able to detect targeted attack and help manage network operations and security operations centers. Symantec has technology called Targeted Attack Analytic tech that allows automation from machine learning to detect targeted attacks.
Fortinet’s new information security technology deals with automate security response. These responses are based on predefined triggers - the need for this type of security is due to the decrease in the IT workforce. Implementation across security disciplines will garner better visibility and control over security threats.
With numerous technological advances in medical devices, there is also a call for security and regulation. The FDA has created a five point plan called the Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health that focuses on establishing a robust safety net for medical devices, exploring regulatory options to implement post-market mitigations, encouraging creation of safer medical devices, advancing cybersecurity, and implementing total product life cycle approach towards medical device safety.
The FDA enforce that medical devices will have the capability to be updated and have security patches, and is contemplating having companies disclose cybersecurity issues to consumers.