Technology is revolutionizing the way Healthcare data is understood and delivered. For example, Artificial Intelligence (AI) is transforming the interaction between medical devices and physicians with emerging tools that now assist them in identifying, prioritizing and treating conditions with increased accuracy and efficacy. These advances in Healthcare technology, however, introduces new questions and conditions within the Cybersecurity realm, confounded by the increased number of connected medical devices – and vast amounts of data produced and consumed.
While new devices play a critical role in diagnosing and delivering care to patients, they also introduce new vulnerabilities for malicious actors seeking to compromise healthcare networks for their valuable data. For patients and doctors looking to secure quality outcomes, accurate data is essential. For hackers looking to obtain valuable private health information, data can be turned into hard currency or valuable intelligence.
In 2018, more than 15 million patient records were compromised during 503 separate data breaches – nearly triple the amount of reported breaches from 2017. On average, cyberattacks against Healthcare organizations cost $1.4 million in direct costs for recovery with potential long term negative impacts on customer satisfaction and reputation.
When patient safety depends on the security of a hospital’s network, Cybersecurity is a threat that goes far beyond lost revenue and expenses. An attack can have dire, potentially irreparable consequences for patient care and to the healthcare organization’s reputation. Given the high stakes, not only is it critical that hospitals and healthcare networks understand the threats, but that they begin to take measures to combat them.
Connected medical devices communicating with the network serve several functions, one of which is to transmit imaging files for diagnostic purposes. The DICOM format (Digital Imaging and Communications in Medicine), which is the standard for the communication and management of medical imaging information has known vulnerabilities – “DICOM is at the center of two novel attack methods related to medical imaging that were exposed in April ”. If hackers gain access to such data, they can potentially manipulate DICOM images and they could alter test results.
Protecting data integrity requires increased focus, attention and forethought for the healthcare industry, specifically with the introduction of AI-based technologies that leverage medical image data. At MaxQ AI, we are following the path of “secure-by-design” and have engaged our partners to find more comprehensive security solutions to ensure data integrity, monitoring and access rights management as part of our overall Security program.
As an industry and community, we need to get the word out that data security requires more than technical proficiency. We need to invest in data integrity related solutions, incorporated into the imaging workflow at hospitals, and associated AI DevOps and Development platforms. It’s not something that happens overnight, but we must take a security-by-design approach as part of a multifaceted program that’s embedded in our corporate strategies, policies, governance and cultures.