Cyber security is a growing problem for healthcare providers, who often struggle to keep the records of their patients secure. Cyber insurance coverage is not generally mandated by law and many healthcare organizations remain uninsured, even though laws and regulations require them to implement certain security measures to protect sensitive data.
We don’t have to look far to see some sobering examples. In May 2017, the UK’s National Health Service (NHS) was hit by the ‘WannaCry ransomware attack’ causing widespread disruption and leading to the cancellation of thousands of appointments and surgeries.
In September that year, the US credit card reporting agency, Equifax was hit with a data breach that exposed the personal data of 143 million people, including birth dates, Social Security numbers, and addresses. The company also reported that some limited personal identifying information of certain individuals involved in healthcare was impacted.
The data breach resulted in Equifax reaching a settlement with the US Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB) of up to $700 million in fines, compensation, and credit monitoring services.
But these attacks are just the tip of the iceberg. Most cyber attacks go unreported, with the attacked organization quietly paying the ransom and hoping the data of their patients has not been compromised or shared.
While healthcare providers can act to protect their data and minimize the chance of an attack, they can never be guaranteed complete safety. But a savior may be on the way — coming from the unlikely world of Bitcoin — Blockchain technology.
Blockchain technology to the rescue
Blockchain technology is a decentralized, digital ledger that is used to record transactions across a network of computers. While it’s best known as the technology that underpins cryptocurrencies like Bitcoin, it can also be utilized for other purposes, such as securely storing and sharing medical data.
Blockchain’s resistance to tampering is due to the fragmented nature of the technology.
This is because each block in the chain contains a unique code, called a “hash,” that is based solely on the contents of the block. If any information in a block is changed, the hash will also change, which makes it immediately apparent that the block has been tampered with.
Data stored on the blockchain is distributed across the network, rather than being stored in a central location. This makes it almost impossible for hackers to access and steal the data.
Software developers working on blockchain
Several software developers have been working on blockchain solutions for medical records, including Metachain , who promote a solution in which patients are “at the center” of the system, with the ability to grant other users access to their electronic health records (EHR) or revoke that access by setting up a time limited gateway, “thereby improving their experience and guaranteeing data security.”
Other providers developing similar solutions include
Blockchain technology promises secure, decentralized medical records that can be easily shared between healthcare providers. It has the potential to improve the quality of care for patients by giving doctors and other healthcare professionals access to a more complete picture of a patient’s health history. Additionally, through the use of “smart contracts.” blockchain can help to ensure that patient data is only accessible to authorized parties, further improving the security of medical data.
Developers still face hurdles
Developers still face a number of hurdles however, including scalability, as the technology cannot currently handle large numbers of transactions quickly. This can lead to slow performance and high costs.
There are also incompatibility problems. As it is still in its early stages of development, different blockchain platforms may not be able to communicate with one another. This will make it almost impossible for healthcare providers to share medical data between different systems.
Even if those challenges are overcome and Blockchain gives us a secure universal platform for patient records, no organization can be completely safe while it is operated by humans Weak passwords and employees downloading and installing ‘Trojans’ on computer systems will remain a doorway through which hackers will continue to pass.
The only real guarantee of safety, is for organizations to be covered with cyber liability insurance, sourced through a knowledgeable broker like the Westwood Insurance Group, who can match the policy to the specific needs of each healthcare provider.