Providing patients with quality healthcare and protecting hospitals from litigation at the same time is no easy feat. Unfortunately, cyber security is one of the most pressing issues health leaders face in 2018. For years, healthcare organizations big and small have fallen victim to data breaches. While not many were even close to the scale of the 2015 breach of Anthem Inc. that compromised nearly 80 million records, breaches in the industry continue. In 2017, only a few breaches affected more than one million records, and overall, breaches dropped 347% year over year.
These promising figures, however, don’t mean healthcare leaders can stop making cyber security a priority. 89% of healthcare organizations have had at least one breach affecting patient records in the last two years. Each breach costs organizations an average of $2.2 million, and damages the organization’s reputation. Healthcare organizations shelter very sensitive information that can be used to steal patients’ identities.
Cybercriminals are always looking for new ways to get past hospital defenses, and leaders need to be constantly attuned to the trends and best practices of the industry. One promising technology that has emerged in the last few years could help health leaders ensure patient protection and HIPAA compliance: the blockchain. But what is the blockchain, and can it really help make hospital data more secure?
What is Blockchain Technology?
Most databases involve a central storage location for data. The data can be copied, and there is always the risk that the central data storage location will become compromised. The blockchain, however, is decentralized. Essentially, it’s a public, distributed “ledger” that is made up of “blocks” of information that are added to whenever someone in the network makes a change. Because there is a record of every transaction and there is no central point for attack, it’s harder for cybercriminals to compromise the system.
The blockchain wasn’t originally intended to shake up the cybersecurity world. In fact, it was created to support the world’s first cryptocurrency (decentralized digital currency), bitcoin, in 2008. Since then, bitcoin has seen massive growth—in July of 2015, the price of each bitcoin was $280. By December 2017, it had reached $17,000 per coin. This explosive growth has helped popularize the blockchain technology on which it is built, and has caused security experts to consider the technology as a possibility for protecting data in other industries. Today, there are many new blockchain startups tackling security problems using this powerful technology.
Why is Blockchain Technology More Secure?
One of the biggest benefits of blockchain technology in cybersecurity is transparency. Since the record is public (not that it is public in the conventional sense, but that it is not stored and controlled in one location), it’s easy to trace anomalies that could signal a data breach. The system will actually search out and identify an anomalous block, removing the block from the chain and protecting the rest of the data. It’s nearly impossible to compromise the blockchain without taking out every node in the network all at once.
Centralized systems are only as secure as the passwords used to protect them—and those passwords can be pretty weak. We don’t want to remember a large number of obscure passwords, and it’s unrealistic to expect hospital employees to all be diligent about creating difficult-to-hack passwords. Once compromised, a centralized system may hide a breach for months, until it is finally discovered. By that point, the cybercriminals responsible have ample time to get what they want from the database.
Patient Privacy and the Cost of Data Breaches Create Urgency for Better Security Solutions
Of course, one of the most important reasons to prioritize cybersecurity is patient privacy and ensure your organization’s compliance with HIPAA. Because of the enormous breaches that have occurred in the last few years, patients are a little more leery of sharing their personal information. In 2013, 66% of patients felt comfortable sharing their health information to get better care. By 2016, that had flipped dramatically—87% of patients were NOT comfortable sharing their health information. That demonstrates an enormous drop in trust—and it shows that the industry needs to earn that trust back. In addition, more medical technology is relying on organization-wide networks, which gather patient data and must be protected.
Besides patient privacy, leaders need to consider new options for cybersecurity for financial reasons. Small healthcare organizations can’t afford to cope with an expensive data breach. Large institutions could be using money spent on mitigating damage elsewhere—such as developing vital programs and providing better care. The financial industry is already starting to recognize the power of blockchain technology in security. Health leaders would do well to consider making the switch as well—and soon.