By Tom Hickman
As if 2020 wasn’t bad enough for healthcare organizations, cybercriminals used the chaos of the pandemic to deliver even more devastating payloads.
These included ransomware infections that held critical systems hostage and distributed denial-of-service (DDoS) attacks that overwhelmed networks and injected malware that spread to many devices — including critical life-support equipment. In fact, research from Fortified Health Security illustrates that healthcare providers represented 79% of all reported data breaches in the first 10 months of 2020.
Although most people think carefully about protecting their credit card numbers and bank account information, the reality is that healthcare data is often far more precious. According to Experian, a single patient record might fetch up to $1,000 on the dark web, which is many times higher than the price for a complete credit card number. Considering the amount of sensitive, personally identifiable information contained in a health record — including financial data such as payment information — it’s easy to see why regulators are concerned with protecting it with adequate healthcare cybersecuritymeasures.
The Healthcare Sphere’s Cybersecurity Challenges
For healthcare organizations to deliver care effectively, they need a seamless flow of patient information from one provider or department to the next. This swift transfer of patient data exacerbates cybersecurity challenges in healthcare, but it also highlights the question of data sovereignty.
Patients, after all, are largely left out of the loop when it comes to accessing their own data — and they’re at the mercy of the organizations that move and store it. Broadly, the idea of data sovereignty dictates that the laws governing data are decided by the nation in which data is kept, establishing a sense of trust that all organizations that use such data will adhere to the same standards and regulations. On a more micro level, however, data sovereignty is simply the ownership of healthcare data by the patient instead of the healthcare provider.
One of the biggest cybersecurity challenges in healthcare is to provide a secure, private storage system that allows patients to feel confident sharing their data with various providers along their healthcare journey. To address this vexing problem, some organizations are attempting to bring together blockchain technology and healthcare.
Applications for Blockchain in Healthcare: From Cybersecurity to Data Sovereignty
Blockchain is most commonly associated with cryptocurrencies such as bitcoin and ether, but the technology itself is based on an encrypted, immutable (meaning it can’t be changed), and distributed ledger where each transaction is verified and added to a “block.” Each block is then added to the ledger, cryptographically linking it to the previous block.
In healthcare, blockchain has a number of promising applications; the technology can allow patients to feel more comfortable sharing their healthcare data outside of their provider or organization because all information is secured through a decentralized, immutable record. This makes it a particularly promising way to solve some of the healthcare cybersecurity issuesthat currently plague the industry, including massive breaches affecting thousands of patients and the increasing number of technologies (such as wearables) that can be targeted.
Instead of hackers having to access a single source of information to steal data on a multitude of individuals, blockchain-backed data requires criminals to hack an encryption key for each patient record they hope to steal. This feature alone carries the potential to stop major breaches in their tracks and start a new era of healthcare security. As blockchain technology becomes more regulated, it could also expand and transform different processes across healthcare organizations, reducing costs and speeding the claims settlement process from institutions to payers to patients.
Blockchain and healthcare aren’t an obvious pairing, but the technology has an incredible capacity to solve pressing cybersecurity issues in the industry. After a year where an abundance of cyberthreats created an additional burden on already stressed medical organizations, it’s more important than ever to explore all the available options for overcoming cybersecurity challenges in healthcare.
Cyberthreats aren’t going away, and it’s time for healthcare organizations to come up with a better defense. Blockchain is a promising technology in healthcare. If industry leaders can put the technology to good use in protecting their patients, it’s only a matter of time until the rest of the pack follows suit.
Tom Hickman is the U.S. director of business development and sales at Chainyard, a blockchain consulting company focused on delivering production solutions that address supply chain, transportation, manufacturing, government, financial services, and healthcare pain points. Chainyard has years of experience in building, testing, securing, and operating complex distributed systems.