The healthcare sector, like so many other sectors across the world, has been radically transformed by the use of digital technologies over the past decade. However, with all the improvements and benefits it has introduced, the nature of the healthcare business in terms of protecting patient information has accelerated the need for digital technologies and robust cybersecurity and data protection measures.
This is the view of Mark Clark, VP Sales EMEA North, Onapsis, who explains to Digital Journal that the proliferation of digital tools within the healthcare sector has also led to the rise of one of the other biggest threats to the industry – misinformation and disinformation campaigns and identity theft. This has further given rise to concerns over data breaches in the industry, and the proliferation of vaccine and medical conspiracy theories.
According to Clark: “Studies have found that there was a broad agreement among researchers, health professionals, and policymakers on the urgent need to combat health misinformation. Although the magnitude of the problem was unknown, studies have found that these campaigns mostly centred around vaccines, noncommunicable diseases, and pandemics. Misinformation and disinformation were very common across most social media platforms and the spread of false health-related content has been shown to inflict mental, social, political, and economic distress on patients and their families.”
Despite this, Clark is concerned that “the COVID-19 pandemic and the subsequent lockdowns only served to further increase health misinformation and disinformation campaigns across the world, polarising the discussions around these topics even more, while eroding trust in the pharmaceutical and healthcare industries.”
The impact of this trust deficit becomes evident in different areas of research. One study reveals that nearly 80 percent of adults have encountered at least one of eight false statements about the COVID-19 pandemic. The study further found that belief in COVID-19 misinformation was directly correlated with both vaccination status and partisanship.
Clark notes how: “Lisa Singh, a professor of computer science and research professor at the Massive Data Institute at Georgetown University, agrees with these findings, saying people accepted misinformation that was familiar to them and their backgrounds, and that aligned with their politics and beliefs. “
Singh explained it further by saying there is a greater likelihood of someone believing it when it was shared or promoted by a source they trusted – like a political figure or some other prominent figure. But without a doubt, the biggest catalyst in the misinformation and disinformation campaigns was the role of social media.
Clark draws the findings together: “The polarisation described in these studies was further evident in the trust that Democrat and Republican voters placed in different news sources. It found that this was directly linked with trust in COVID-19 information as well, with more Republicans relying on social media for information instead of trusted news. This manifested in many of the more reactionary responses to the pandemic, leading to the avoidance of vaccines, refusal to wear masks, and other behaviours that contribute to the further spread of the virus.”
There are solutions to combat this problem and to provide consistent, credible, and reliable healthcare information to patients. These goals, however, can’t be achieved if companies fall victim to cyberattacks and data breaches.
Here Clark observes: “Cyberattacks not only undermine the reputation of healthcare providers but also instil concerns among consumers regarding the security of their sensitive health data. Consequently, the credibility of organisations suffers as well. To confront this and prevent the erosion of trust within the healthcare industry and providers, it was imperative to establish robust cybersecurity measures to protect data.”
With the form of attack, Clark expands on the risks: “While phishing attacks and ransomware are common across the digital world, man-in-the-middle attacks, where cybercriminals inject themselves in conversations or data transfers to steal patient and provider information, and attacks on vulnerable networks are on the increase.”
In terms of suitable responses, Clark puts forward: “Organisations must prioritise investments in cybersecurity across the entire value chain to uphold and ensure the integrity of healthcare information and prevent data breaches while combating the spread of misinformation. This can be done by upskilling personnel to ensure they have the right expertise or knowledge to recognize phishing emails for example.”
He adds: “Besides practising proper digital hygiene, such as creating and using strong passwords, employees should be trained on proper data usage and management. Healthcare providers such as hospitals and clinics should control and monitor any suspicious or malicious activity while implementing strict access rights.”
Other steps that should be taken include the use of advanced cryptography for data encryption transmission and storage, and the use of bring-your-own-key (BYOK) techniques. Mobile phones, apps, and other Internet-of-Things devices have become standard practice for healthcare providers and administrators, but, as Clark notes, they also introduce more vulnerabilities.
Clark’s final recommendation is: “By using multi-factor authentication, application data encryption, and remote locking of lost and stolen devices, the healthcare sector can further protect patient data. Having a proactive approach to privacy and information protection remains one of the best things any internet user can do to protect against data breaches.”
