The advent of modern technology has brought about a revolution in the health care delivery systems. Currently, the dissemination of information has been efficient leading to the restructuring of the entire organizational structure of the medical industry thanks to information technology (Grando, Rozenblum & Bates, 2015). Such technology applications in the medical world range from the use of portable devices for easy access to patients’ medical information, monitoring of their vital signs and the widespread use of electronic medical records. This has brought about a myriad of benefits to the healthcare industry, subsequently resulting in an overall improvement in patient health. A while back, most healthcare facilities used paper-based filing systems that were cumbersome to enter and retrieve data. Currently, the move to electronic databases has brought about vitality in information understanding with the access of hospital records from virtually anywhere in the world. Such convenience has brought about reduced cost, the efficacy of treatment and drug prescription and a host of other benefits currently enjoyed in this industry (Glaser & Salzberg, 2011).
In due time, two important aspects have come up in the health industry that relates to this advancement in information technology. They include patient empowerment and connected health. According to the European Patient’s Forum, patient empowerment refers to the process that aids people in controlling their lives and in giving them the capacity to act on pertinent matters especially concerning their health and those seen to reflect prime importance ("Patient Empowerment Campaign", 2017). Consequently, the introduction of information technology in the healthcare industry has brought about this kind of empowerment and ensured patients have complete control of certain aspects relating to their healthcare. Such elements include self – awareness, self – efficacy, health literacy, coping skills, and patients’ confidence. Subsequently and in accordance with the European Campaign for Empowerment, the five “Es” of empowerment are maintained. Through the introduction of Information and Communication Technologies, the engagement, experience, expertise, education and equality of patients comes under maintenance. In connected health, there is the merging of the digital media and mobile communications, successively providing an important solution to various challenges faced in the healthcare industry. Ultimately, through technology, connected health has helped alleviate patients’ self-management and overall wellbeing. This is so since health care officials get notices of the welfare of patients and are thus able to respond in time (Jones & Groom, 2011). Overall, advances in the technology of medical delivery have brought about a marked improvement in the overall quality of life.
Delegate your assignment to our experts and they will do the rest.
As the advancement of technology works in close conjunction with healthcare services, provision and the rapid revolution in germane areas such as data manipulation, information gathering and storage, and communication, the ethics of medics comes to light. As a result, ethics becomes a critical area of interest more so in the implementation of telemedicine systems (Berkowitz & McCarthy, 2012). Telemedicine refers to the remote or offsite diagnosis and treatment of a particular set of patients or patient using telecommunication technology. Therefore, there is the need of upholding the trust of patients, which is a legal requirement as health practitioners perform their duty. Ultimately, patients have a right to privacy in all kinds of situations regarding their details and medical records. And so, health officials have an obligation to protect the records of patients from emotional, spiritual, social and technological harm. This brings about the securities question in the process of data transmission. In relaying the medical histories of patients between different computer networks, security emerges as a prime concern for both the medical practitioner or company and the patient alike. Currently, health and medical websites are becoming more secure, since the information that they pass back and forth is both mission critical, confidential and to a higher degree private. Their portals utilize top-notch security engagements, which include the latest security layer called the Secure Sockets Layer (SSL). This secure technology ensures the establishment of an encrypted link between a web browser and a web server. Such technologies are essential in enabling a proper and efficient functioning of the healthcare industry.
Inasmuch as such securities are employed in the protection of information within the Internet, notable breaches involving hackers have taken place. Nowadays people are confronted with a grim reality in articles and news about the dangers of data breaches in the medical industry. A recent article in Reuters exposed the reality that presently, medical records are becoming more important than the information on credit cards (Humer & Finkle, 2017). Such incidents display an empirical proof that the number of malicious people who are capable of stealing medical information to use it for their purposes is rising. In 2014, the Federal Bureau of Investigations sent a dire warning to providers of healthcare all over the United States directing them to exercise vigilance against cyberspace attacks. This took place after an infamous incident whereby Chinese hackers broke into the computer networks of the largest U.S. operators of hospitals, Community Health Systems Inc., and stole personal information of close to 4.5 million patients. This incident resulted in a security outcry as people came to the realization of the dangers of stolen medical information. An expert in the healthcare security industry and TrustecSEC LLC Chief Executive Officer, Dave Kennedy, says that attackers are brazenly becoming braver. As they discover new ways to make money, the healthcare industry is emerging as a prime target since these malicious individuals are able to sell the information they acquire for monetary gains (Humer & Finkle, 2017).
Since the year 2009, the number of cyber-attacks that took place in the healthcare industry rose alarmingly to newer heights. Often, these attacks increase to the extent that their number in each year exceeds the preceding year by more than 40% (ICIT-Brief). This permeation of breaches in the healthcare security sector is partly due to the reluctance of health organizations to invest in cyber security for the past decade. In 2015, KPMG published a survey aptly titled the “Health Care and Cyber Security” (KPMG, 2017). In this survey, a murky revelation emerged that of the participating 223 Chief Security Officers, Chief Technology Officers, Chief Compliance Officers among others, 81% admitted to the fact that most of the systems of their organizations were compromised on more than one occasion of cyber-attacks. The remaining 19% cast doubt on the integrity of their systems since they were not willing to provide ample information regarding the status of their systems. In addition, all the cases revealed a 75% chance in the possibility of undiscovered breaches and only 53% were deemed to be fit in terms of security (KPMG, 2017). Overall, with the high doubt that was in the survey, the possibility of the number of compromised systems to exceed the aforementioned 81% was highly likely. Therefore, this calls for the introduction of the multilayer systems of security and programs to curb attackers and protect the employees of health organizations and more particularly, the identities of patients.
Data security in the healthcare industry is of prime concern since numerous potential threats predominantly face patients. The turn of the century rendered true the slogan, information is power. Technology has brought about and facilitated this truth to a significant degree and extent. Currently, adversaries to the healthcare systems steal information and use it for their benefit. The most common potential threat is the one that involves insurance fraud, financial gain, or event attacks that specifically target and harm the victim. The attackers sell information pertaining to the victims online or use this information themselves. They do this by faking insurance credentials, subsequently faking their identities. Now, these actors go ahead to create appointments and even undergo surgery, or other significant medical procedures at the expense of the victim and eventually, the organization providing healthcare. According to an indication by Computer World, duplicitous billings are responsible for close to 3 – 10% of all annual expenditures in health. Such masquerading financially burdens the victim and in due course leads them to dependence and other legal complications. In addition, if in a hypothetical case the actor has a different blood type, then either the victim or the actor is at serious risk of medical harm. Such potential danger is easily avoided through refraining from identity threat, but in most cases, the perpetrators continue with their crafts unabated.
On a similar sense, the PII, EHR, and PHI data is extremely sensitive. The PII refers to Personal Identification Information, which is used to trace and eventually distinguish the identities of individuals, such as their social security number, name, biometric records among others. EHR means the Electronic Health Record and refers to the paper chart of patients that is in the form of a digital version. PHI is the Public Health Information, which allows an individual to have their identifiable set of information pertaining to their health ("PHI and PII Definition and Data Elements | iDASH", 2017). Such information is pivotal in ensuring the proper treatment of an individual. An attacker may steal such information and use it to access financial accounts, apply for loans and other credit options all in the name of the victim. This goes a long way when the attacker does this without gaining notice, and they may even go to the extent of embracing this kind of disguise and using it for an extended period. Such instances whereby there is massive identity theft to the extent in which the actor buys properties or holds a job have always flooded the news and public media. Aside from patients, doctors also are at a high risk when it comes to this kind of identity theft. In most cases doctors earn a good salary and more to this are able to give prescriptions; subsequently, the value of information pertaining to a physician is high on the dark web. This kind of information leads to potential threats and at the hands of criminals, lethal prescription drugs are sold. Additionally, the support staffs are also at potential risk from data theft. A good example is the UPMC systems attack that saw the digital filing of income tax for several hospital staff and then followed later by the stealing of their returns.
These attackers also use health information that is private for the extortion of money (Institute for Critical Infrastructure Technology, 2016). This potential danger is by far the most crucial because it involves stealing money through threats and then affects the victim directly through violence. Some of the extortions tend towards blackmail especially in a case whereby the victim has a stigmatized condition or disease such as HIV or sexually transmitted infections. As a result, this leads to social and psychological damage. Moreover, the stealing of private information and subsequent exposition is legally unlawful and is punishable by law. In a different scenario and in view of the OPM breach that involved the stealing of data for federal government employees ("Cybersecurity Incidents", 2017), data theft could result in a national disaster. Such information as the OPM data could be used to track down intelligence assets within the nation, subsequently leading to their capture and interrogation, which may lead them to spill out state secrets or even their deaths. In essence, Wired Magazine projected a scenario whereby the writer Evan Ratliff tested his research on disappearing and eventually living off the grid (Ratliff, 2017). In doing this, he offered a prize coupon of $5,000 to the person who would find him easily. Later, in less than a year, Ratliff was found in a motel based on the dietary restrictions that he had, which was primarily a gluten free diet. This shows that aside from identity theft, medical data is also useful in tracking and pinpointing where people are located. Other minimal but serious hacking breaches include the attempt by Al Qaeda operatives to mess with the pacemaker of Dick Cheney, who was the 46th Vice President of the United States of America through using an exploit via the unsecured Bluetooth connection. This shows that hackers go to the extent of even murder when it comes to exploiting medical data breaches
In conclusion, although Information and Communication Technology has enhanced medical delivery, there are still threats that significantly hinder this process. Hackers present this challenge in various forms through their illegal activities. Much of the causes of such data breaches include mobile devices since they encourage sloppy security practices, malicious insiders who sell out sensitive information, inadvertent posts that divulge sensitive information among others. Such tendencies and malpractices have resulted to exploitation by hackers, ultimately leading to potential threats against patients and the entire healthcare fraternity.
References
Berkowitz, L., & McCarthy, C. (2012). Innovation with Information Technologies in Healthcare (1st ed.). New York: Springer.
Cybersecurity Incidents . (2017). U.S. Office of Personnel Management . Retrieved 9 May 2017, from https://www.opm.gov/cybersecurity/cybersecurity-incidents/
Glaser, J., & Salzberg, G. (2011). The Strategic Application of Information Technology in Health Care Organizations (1st ed.). California: Jossey-Bass.
Grando, M., Rozenblum, R., & Bates, D. (2015). Information Technology for Patient Empowerment in Healthcare (1st ed.). Berlin: Walter de Gruyter.
Humer, C., & Finkle, J. (2017). Your medical record is worth more to hackers than your credit card . Reuters . Retrieved 9 May 2017, from http://www.reuters.com/article/us-cybersecurity-hospitals-idUSKCN0HJ21I20140924
Institute for Critical Infrastructure Technology. (2016). Hacking Healthcare IT in 2016 (pp. 8-12).
Jones, S., & Groom, F. (2011). Information and Communication Technologies in Healthcare (1st ed.). Florida: Auerbach Publications.
KPMG. (2017). Health Care and Cybersecurity: Increasing Threats Require Increased Capabilities (pp. 1-6).
Patient Empowerment Campaign . (2017). Eu-patient.eu . Retrieved 9 May 2017, from http://www.eu-patient.eu/campaign/PatientsprescribE/
PHI and PII Definition and Data Elements | iDASH . (2017). Idash.ucsd.edu . Retrieved 9 May 2017, from https://idash.ucsd.edu/phi-and-pii-definition-and-data-elements
Ratliff, E. (2017). Writer Evan Ratliff Tried to Vanish: Here's What Happened . Wired.com . Retrieved 9 May 2017, from https://www.wired.com/2009/11/ff_vanish2/
