In this modern era, data breaches and exposure of personally identifiable information is so frequent as to nearly be unremarkable. Last year alone, there were over 3,900 publicly disclosed data breaches; although a decrease of almost 50 percent compared to 2019, these breaches revealed 37B records, an increase in volume of 141 percent.
It’s one thing to have your driver’s license or social security number out there. But — as any health technologist can tell you — a breach that exposes sensitive healthcare information automatically catapults into a completely different category. It’s unsettling that the results of your mammogram or colonoscopy, the private concerns you’ve shared with your doctor, or how much you owe on your medical bills could be fodder for the unscrupulous or even simply the curious.
After all, patients enter the healthcare system at their most vulnerable, their most human, frequently at moments of tremendous need, sometimes at the worst times of their lives. For some, even the act of stepping foot into a doctor’s office takes tremendous courage. Patient privacy breaches and HIPAA violations are especially egregious as they undermine people’s trust in a way that can fundamentally alter their health outcomes.
That said, healthcare technologists are facing an uphill battle as they innovate and develop technology for this space. Security is constantly at the forefront for most of us. At Welkin, for example, we’re believers in a layered approach:
Permissions that protect data integrity while still enabling critical information to be shared between roles and teams
Audit trail and security log to ensure every security action is visible
Organizational security controls that allow teams to leverage multi-factor authentication (MFA) or single sign-on (SSO)
HIPAA compliance and a SOC2 Type 2 certification
But the challenge for us all is a fractured landscape of customer requirements. In Canada, for example, there are provincial requirements for hosting data on prem versus the cloud. Ireland has similar constraints. This isn’t uncommon, especially in EU countries that have a robust privacy shield. But it’s increasingly surprising in a world that’s largely moving away from local hosting and storage to the agility and flexibility of the cloud. It’s like clinging to a horse-and-buggy when there’s a perfectly good Ford ready to take you where you need to go.
Healthcare technologists can build next-level, intuitive, patient-centric innovation that delivers on the promise of easing clinician burdens and producing better patient outcomes. And we can do it in a privacy-first way. But legislators considering data privacy issues must consider where technology is and where it’s going. Can you imagine telling Amazon and Salesforce that on-prem is the only way? It’s unthinkable.
Building in a cloud-native fashion is now table stakes; this is the standard. And failing to embrace it now presents its own serious risks later; chiefly, healthcare technology that isn’t as nimble, modern or effective for patients as it could be.
Sign up to receive Welkin updates, delivered straight to your inbox
At Welkin Health, we believe a company is only as amazing as its people. We’ve dedicated ourselves to improving the lives of care teams and want to show off the people who work tirelessly behind the scenes...Read More >
When patients feel like connected, active participants in their care, things improve -- for both the patients and to those of us providing care. In fact, as studies have shown, technology in the exam room or at...Read More >
Dr. Kathy Gregory has been practicing in women’s health for a quarter-century. In that time, she’s started her own practice, seen the rise of electronic medical records and other technology-based care enablers, embraced telehealth, and looked for...Read More >