Losing Ourselves: Importance of Data Protection in Healthcare
February 16, 2023
In the wake of several changes to healthcare law within the last year, including those seen with the overturning of Roe v. Wade, as well as growing technological advancement and notable increases in cybercrime, the need to safeguard patient privacy and online health data is becoming more crucial.
Members of the US Congress are calling for reform to strengthen the Health Insurance Portability and Accountability Act (HIPAA), with Rep. Sara Jacobs (D-Calif.) offering that “none of our privacy laws are really set up for what we are going through and what society looks like [today]. We need a host of new fixes.”
Digital Collection of Healthcare Data
Healthcare providers collect patient data within the guidelines of HIPAA, defined by the CDC as “a national standard that protects sensitive patient health information from being disclosed without the patient’s consent or knowledge”.
These rules help to safeguard personal data, but the use of online devices and apps to track health data has been on the rise for decades, and the software used with these is not always managed or protected by HIPAA. These devices include Fitbit, Apple and Samsung watches, and applications that can be downloaded from any site for managing one’s health. These all contain biometric user data, such as heart rate, weight, height, reproductive cycles, etc., which is collected to create profiles of individuals. Even COVID data tracking apps collect personally identifiable information (PII).
Healthcare Data Cybercrime
According to the Department of Health and Human Services (DHHS), “apps on smartphones may threaten [one’s] right to privacy by disclosing geolocation data which may be misused by those seeking to deny care”, especially in relation to recent changes to Roe v. Wade. Illegal access to this PII can also give cyber criminals the means to perform identity theft, using this information to open a credit line in someone else’s name, impersonate someone, or steal funds.
Protected health information (PHI), when properly managed, is safeguarded by trained healthcare professionals and typically collected in patients’ electronic health records (EHR) on internal servers or cloud computing networks. When staff are improperly trained in receiving, maintaining, encrypting, and disposing of PHI, or if a hacker is able to breach the cybersecurity system in place, the data becomes compromised.
Healthcare Data Protection
It is important to protect this information as this highly specific data identifies individuals. Healthcare providers, insurance companies, financial institutions, and the IRS, to name a few, use this information to provide critical services and identify people. Once this PII is compromised, it is extremely difficult to set it right again or reclaim any losses incurred.
DHHS has issued guidance to protect patient privacy in the wake of the Supreme Court’s decision on Roe v. Wade in an attempt to outline the ways in which providers and companies should manage personal information, but this is only the beginning of many steps that will need to be taken to properly protect personal health data in today’s technological world.
A Cybersecurity Education for the Future
This highlights the need for properly trained and well-educated cybersecurity, data science, and information technology professionals who can mitigate cyber threats and health data risks by implementing new and improved methods of cyber defense. Roles in these fields are integral across all industries, including healthcare, pharmaceuticals, manufacturing, and many more. Capitol Technology University recognizes that in today’s marketplace, every job is a technology job, in that technology plays an important role in every industry. Building expertise in this area is the key to a successful, dynamic, and long-lasting career. Investing in technology education ensures a candidate’s marketability and job-readiness.