Big Data isn’t the bad guy! Facing up to cybersecurity in healthcare
Our medical data is perhaps the most precious personal commodity we have, so how do we keep data secure in the new era of healthcare technology?
Just the other day I was asked by a local councillor about how a new era of healthcare technology could affect a patient’s ‘right to knowledge’, whilst keeping their data secure and protected. It’s a contentious subject, given that our medical data is perhaps the most precious personal commodity we have.
Ask any healthcare professional outside of the tech department about cybersecurity and they’ll give you one of two responses: Either they don’t know much about it, aside from the horror stories, or they feel they know enough about it to want to change the subject. Both responses are cloaked in fear, making cybersecurity something of a modern dirty word and a definite conversation stopper.
Sweeping security under the corporate carpet
And this is where we’re going wrong says Joe Kaeser, President and Chief Executive Officer of Siemens AG. “It’s high time we acted – not just individually, but jointly, with strong partners who are leaders in their markets.”
It’s disturbing to learn that a subject which potentially affects everyone has, for the past decade, been swept under the corporate carpet. But things are starting to change in the form of global collaborations such as Siemens ground-breaking Charter of Trust initiative, in which 16 partner organisations have united to “protect the democratic and economic values against cyber and hybrid threats.”
The charter states that “Cybersecurity is and has to be more than a seatbelt or an airbag; it's a factor that's crucial to the success of the digital economy. People and organisations need to trust that their digital technologies are safe and secure; otherwise they won't embrace the digital transformation.”
Big Data isn’t the bad guy!
To achieve this, first and foremost, we need to stop villainising our data – it’s not the bad guy! After all, life isn’t always easily packed into a standardised grid so the more information we have the better in terms of finding correlations.
In healthcare big data can provide break-throughs in diagnostics and preventative care, but the benefits go far deeper and have enormous societal impact when data patterns allow us to look at the affects of cultural and income variances upon healthcare in general.
The problem lies not in the data, but in the attraction of its value as a weapon.
In a study carried out by Guy Martin of Imperial College London, he found that “Healthcare faces even larger cyber risks than other sectors because of inherent weaknesses in its security posture… for those conducting cyber attacks the healthcare sector is an attractive target for two simple reasons: it is a rich source of valuable data, and it is a soft target.”
Seize the day!
So, let’s not take the ‘mañana’ approach. There are steps that can be taken today to ensure the better security of our data. Firstly, we need to be aware of the open source technology underpinning much of big data collection and analysis as this offers inconsistent security technology.
Next, we need to be selective about big data vendors and stop assuming that any big data distribution they select will be secure. Questions need to be asked and we shouldn’t be afraid to ask them.
One of the best options for healthcare organisations looking to implement big data is to invest in a well-supported, commercial solution, such as Cloudera, that can demonstrate its levels of security through legacy case studies.
Another effective route is to work with a cloud-based solution like Microsoft’s Azure HDInsight, which will enable you to get started quickly.
Establishing a culture of security
As with everything in life, knowledge is power and education is key. Not many of us truly embrace change, so a ‘culture of security’ will be an ongoing thing in helping to secure the future of healthcare data. It needs to be an ever-evolving culture that flows through the entire organisation and encompasses that all important education and training, which must be frequent and ongoing.
Ultimately it needs to instil a mindset of personal responsibility and accountability for data security, in time becoming as second nature as sanitary practices.
No crystal ball needed
I don’t believe we’ll ever see a data utopia in terms of security and, so long as the value in our personal information remains, the bad guys will find new ways to infiltrate our data lakes and pillage our warehouses.
It’s an ongoing war whose battles will at times shake our confidence in the system, but it’s a war that must be faced and fought together in order for Healthcare to evolve in ways that impact upon all our lives for the better.