new-logo25Emma Bailey

__________________________________________

Last year’s Heartbleed data breach exposed one of the latest dangers of living in a digitized world. With the entire healthcare system becoming increasingly reliant upon digital organizational systems, a patient’s most private information — prescriptions, records, communications, you name it — is vulnerable to hacks. While doctor-patient confidentiality and HIPAA legislation aim to keep your information from falling into the wrong hands, the rise of the Internet of Things and improved Internet connectivity across the board allows for data to spread through new and unpredictable digital channels.

Illegally obtained medical records promise huge sums of money on the black market, more so than customer or banking information, or even risque photos of famous celebrities. Certain kinds of personal information are very valuable for those wanting to pose as someone else in order to obtain medical care. And although there are dozens of cybersecurity-related legislative proposals before Congress, and some amendments have been made to certain pre-existing legislation, there is still much work to be done to safeguard patients against future health care data scandals.

The Heartbleed “mishap” incited a wave of widespread privacy and identity-theft panic from those within the healthcare sector, as well as from other professionals who were later held culpable for the dataleaks. It has become glaringly obvious that thousands of servers are vulnerable to attacks from outside intruders, and it’s also clear that unsophisticated Secured Sockets Layer (SSL) certificates are, perhaps, not as safe as experts believed (and vastly inferior to CryptoComply modules).

The real question, then, is what can healthcare companies and individuals do to safeguard themselves against similar hacking attacks in the future? Some are confident that newly drafted legislation like FedRAMP, and amendments made to pre-existing laws, might be helpful towards that end. Ideally, the FedRAMP regulations will adequately address common security concerns, such as multi-tenancy and shared resource pooling, and provide a standard set of regulations that would ensure secure cloud usage in the Healthcare industry. More

Advertisements