The Privacy Problem for Healthcare IT: Need for a New Kind of PaaS

There is a new kind of PaaS emerging, not only in the Healthcare IT sector, but in all sectors of business. With a recent spike in demand, privacy-as-a-service has become an increasingly important service to be offered by IT companies. Why such a sudden and significance increase in demand for privacy-as-a-service? Two words: sensitive data. Humans have become increasingly technology-dependent, utilizing virtualization of information whenever and wherever possible in order to facilitate IT mobility.

While this shift towards integrating technology into everyday life has been extremely beneficial in facilitating improved business management, service, and access to information, it has also created a number of problems, most notably that of securing private information. Without even really meaning to, companies have become proprietors of a new kind of wealth, customers’ data. As companies control more and more customer data, customers are holding the companies to ever-higher expectations regarding the safeguarding of customer privacy and personal information.

The issue of privacy and security is all encompassing. It does not matter what market you are in or what service you provide, you are in the privacy business. If you are not able to consistently and effectively safeguard your customer’s personal information, you lose customer loyalty. If you lose customer loyalty, you lose business. It’s that simple.

You don’t have to be a genius to understand that consumers are growing increasingly concerned about their privacy. Large-scale data breaches, such as those at Target and most recently at Anthem Health Insurance, have served to fuel the fear regarding the privacy, or lack thereof, of personal information in the business world.

Customers are not only worried about hackers, but also what companies are doing with all the data they collect. The backlash is beginning. According to Harris Interactive and TRUSTe study, 89 percent of consumers responded that they wouldn’t do business with a company that doesn’t do a good enough job protecting them online, while 76 percent are likely to check websites and apps for a privacy certification seal. [i]

All this points to one takeaway: consumers are becoming more wary and businesses will suffer tremendous losses if they fail to earn the consumer’s trust and confidence in the company’s ability to protect the consumer’s private information. Consumers are going to start expecting privacy-as-a-service more and more, and if they don’t get it from you, they’ll go looking elsewhere. This means big importance and big business for Healthcare IT companies that can facilitate security solutions.

How can you get ahead of the curve and make sure your company is doing a good job of protecting your customer’s private information? Here are a few tips on how to build customers’ confidence in your ability to protect their privacy:

  • Hire the right Healthcare IT people to help you put security measures in place. Invest in top-of-the-line equipment, and train your employees to follow protocols. If you haven’t taken the proper precautions, you can’t protect your customers. It’s that simple.
  • Be transparent with your customers.  Tell them how you collect their data and why. Instead of burying your disclosure in some long-form policy that people either don’t want to read or can’t understand, make your language simple and straightforward. When presented with the opportunity, go a step further and share details about the measures you are taking to protect customers’ information.
  • Collect only the information that you need. Your company sends up a warning flag when you ask for too much information for simple online transactions. Ask customers to share only service and business-relevant information.
  • Don’t sell customers’ data. If you can’t stand the thought of losing that source of revenue, think about the income you will lose when your current customers defect because they feel you have violated their privacy rights and the negative reputation your company will receive.

As data breaches become more commonplace, privacy-as-a-service is increasingly viewed by customers as an absolute necessity, rather than a bonus service. What are you doing to assure your customers that you’re acting in their best interests with the data you collect on them? Take steps now to protect your customers — and your business.


Healthcare IT & Remote Access: Exposing Virtualization’s Strengths and Weaknesses

While remote access helps make carrying out business convenient and more efficient, it is important to understand that with ease of use and access to information, comes the vulnerability of this information. Healthcare IT companies are instrumental not only in implementing effective remote access, but also in helping to secure the sensitive information being accessed via the cloud.

Technology that allows you to remotely access operating systems and business information, whether it be by internet connection or cellular data, is an incredibly valuable business tool. Virtualization of company and consumer data and implementation of enterprise cloud solutions enables company professionals to easily access the hospital network from anywhere.

However, while remote access is extremely beneficial, it can also put companies, and their customers, in great danger. Unsecured access from remote devices gives hackers a pathway to compromise organization networks and in the case of the Healthcare industry, gain access to patients’ medical records.

To see how destructive a data breach can be, one need only think back to Target’s massive data compromise in 2013. It is believed that the incident began when a hacker gained access to one of Target’s systems via a remote access account belonging to an HVAC company. Hacker’s utilized that access to gain a foothold on an internal system and then leapfrog to other systems inside the Target’s network. The breach, which resulted in the theft of 40 million consumer credit card and debit card numbers was extremely harmful to the customer’s affected and the retailer’s reputation.

There is no reason to believe that a similar attack could not take place on Healthcare providers. In fact, recent attack trends show that cyber thieves have been shifting focus to Healthcare due to the lucrative nature of patient health information on the black market. According to a 2015 Ponemon Institute study, medical identify theft incidents increased 21.7 percent since 2014.[i] In a growingly dangerous world of cyber-crime, implementing the correct, effective Healthcare IT solutions for remote access and cloud computing is critical to ensuring the security of sensitive information.

In today’s day in age when everyone seems to be “plugged-in,” conducting work from the road via Smartphone or at an offsite meeting on a tablet or laptop, it is safe to assume that remote access is here to stay. With that said, Healthcare companies need to look at how to arm themselves to fend off these impending cyber attacks. While integrated biometrics, such as recognition of palm prints, facial characteristics, and fingerprints are likely to help securely authenticate a person’s identity in the future, the infrastructure for wide-use of this technology is not currently in place. Therefore, in the mean time, Healthcare providers have work to do.

In order to try to combat growing attacks on data by hackers, Healthcare organizations need to be proactive in protecting their customer’s sensitive data. This can only be done if companies not only make security an ongoing practice, but also a top priority that stays at the center of business operations and data management.