The Cloud, Hackers, and the Future of Patient Information

By Willow Becker

As the healthcare industry stands at the edge of a new era of technology integration, the question of patient privacy remains the biggest boulder blocking widespread adoption. As the medical profession looks towards the cloud for solutions to issues of access and interoperability, can we really put full faith in a technology that has been proven to be breachable?

Could Cloud-Based Healthcare Be the Game-Changer for Interoperability?

For over a decade, e-prescriptions have gained acceptance in both forward-thinking and more traditional practices. Still, electronic health records (EHRs) have not been as fast-moving when it comes to innovation, and interoperability is still a major issue. Different providers have different systems which don’t always integrate well with each other or with the pharmacy that is filling the prescription. And, too often, the EHR document itself has too much or too little data for the pharmacist to work with.

The disconnect between the systems leads to mistakes, loss of time and information, and the inability to have cohesive medical records that can be accessed off-site—an issue that some say cloud-based healthcare would be able to overcome.

In a 2012 paper from the Polytechnic University of Timisoara, Oana-Sorina Lupşe and colleagues lays out a potential plan for using cloud computing in the healthcare industry as a means to:

  1. Safely store medical data (cloud computing is scalable, increasing or decreasing resources, as needed)
  2. Offer remote access (the data can be accessed via the Internet from anywhere)
  3. Provide data sharing between authorized units and easy updates to the medical  history of  the patient.
  4. Integrate treatment in real time and validate future treatment

Cloud-based healthcare solutions offer the ability to gather information, store it, and share it with both patients and medical stakeholders like pharmacists. This means fewer mistakes, more complete files, and better access for patients seeing multiple doctors with multiple prescriptions.

Safe and Sound?

Of course, the benefits of a cloud-based information sharing system are staggering. But the drawbacks have given a number of influencers pause. Lupşe states:

“The healthcare domain needs increased security and privacy levels, meaning that cloud computing technology  has to be more carefully managed in order to achieve this requirements. The matter is less technical and  more ethical and legal. Before cloud computing technology can be fully adopted as a structure for health IT, providers must gain the trust of society and to demonstrate that they meet the HIPAA.”

In the Thales eSecurity 2018 Global Data Threat Report, Healthcare Edition, a staggering majority of healthcare respondents are leveraging cloud solutions (100%), collecting data (96%), and integrating internet-connected devices like heart-rate monitors (92%). The sheer volume of the sensitive information that is being gathered is overwhelming, and incredibly attractive to black-market racketeers that can make excellent money selling it. In the 2017 Cost of Data Breach Study by the Ponemon Institute, in partnership with IBM Security, healthcare breaches represented 60% of total cyberattacks, with a price tag of almost $1.2 billion per year.

According to Dr. Clemens Scott Kruse of Texas State University’s School of Health Administration, “The privacy of patients and the security of their information is the most imperative barrier to entry when considering the adoption of electronic health records in the healthcare industry.” Nowhere is this more true than when discussing cloud-based information, which makes patient records more available to patients, doctors, pharmacists, and hackers.

Both the MMA of 2003 and the HITECH Act of 2009 highlight the three HIPAA areas that must be considered to make e-prescribing and cloud-based healthcare solutions truly safe on the physical, technical, administrative levels. Still, Kruse states that human error is one of the gravest areas of concern, as well as the constant shifting nature of cyberthreats. In the paper, Security Techniques for the Electronic Health Records that security programs must be “balanced with physical, technical, and administrative security controls along with an ever-present eye on the security landscape.”

The Future of Patient Information

So what does this mean for the future of healthcare, especially when it comes to protecting information that is gathered from patients, shared with pharmacists, and stored on the cloud?

While there are clear risks, there are also people working to identify areas of weakness—gathering information, storing it, and sharing it—that are prone to attacks and could potentially lead to information leaks. Companies like ClearData are reaching new levels of security protocol and information protection that are finally giving many healthcare professionals the faith they need to invest in interoperable systems and integrations within and without their own networks.

Chris Bowen, Founder of ClearData recently shared what he believes the future of patient information will look like—a self-managed system that integrates cloud-based environments with on-site devices, allows for superior auditability, and real-time audits for record safety compliance.

“The next step is to actually be able to put that environment inside of the data center, to allow a provider or payer organization to actually run that dashboard inside of their own data center to see how compliant they are,” Bowen said.

With a focus on interoperability, more physicians and pharmacists with instant access to cloud-based medical information, and increased securities, the future of patient information is comprehensive, low-cost, accessible, and safe. In short, the future looks safe for your information; all we have to do is get there.

Tags: Healthcare

Want something for nothing?

Are you interested in the USP 800 and CBD Oil Fact Sheets, or a FREE Compliance Strategy Call? Let us know — no strings attached!