Skip to main content
Skip to main navigation
Skip to footer

by Jim Massey
Published on January 12, 2018

Security threats are major concerns to health care organizations due to the value and vulnerability of clinical data that is being recorded and distributed. The value of the data comes from the fact that it is historical in nature, it directly affects our ability to safely treat patients, it takes a long time to rebuild, and it contains more than just clinical data, such as personal, financial, and demographic data which allow it to be used for wider identity theft. It is persistent, whereas you can change credit cards and their passwords, PINs and account numbers in the event of a breach, you cannot change your mother’s maiden name. The vulnerability comes from the fact that there has been a revolution in health care with the interconnection of systems, cloud computing, IOHT and mobile devices and the changes in working practices of clinicians, such as remote monitoring, telemedicine, and working from home. This revolution has not always been matched with the security awareness, policies, practices, and budgets of health care organizations.

There has been an increasing sophistication of attacks using social engineering techniques (e.g. Phishing) that can overcome “traditional” defenses such as anti-virus, rule and signature based detection systems. But before looking at what new AI based tools can do for organizations, I would like to suggest that these are only more sophisticated tools, and without the basics in place they will fail to deliver on their promises.

Good systems management is important, keeping not just the central servers up to date with security patches but also connected devices, and to do this, assessments of suppliers’ security policies and procedures should be a key part of your procurement department’s process for selecting devices which may be attached to the system.

Information Governance is key, defining critical data, knowing how the data is managed both in transit and at rest, and having defined, usable policies and processes, is much more important than adding more technology to a fractured system. Similarly, education and awareness are necessary so that everyone on the system is regularly made aware of these policies, not just on induction day. As threats are evolving, staff should be kept aware of the people side of security with ongoing campaigns such as anti-phishing behavior management. However, all this is just guess work if you do not know how effective it all is and there should be regular penetration testing of the systems to ensure that you know your defenses are up to date and effective.

Doing all of this means there is a shortage of security experts to help ensure your custody of your patients’ data remains as effective as time moves on, this is where AI and Machine Learning may be able to help healthcare cyber security. However merely purchasing new tools does not improve defenses, they need to be deployed, maintained and monitored to provide effective defense.

Security Information and Event Management (SIEM) software products and services provide real-time analysis of security alerts generated by network hardware and applications and are also used to log security data and generate reports for compliance purposes. By combining this real-time data gathering with Threat Intelligence, extending the storage of this data over time and applying the enhanced analytics capabilities that come with Machine Learning and AI techniques, it improves the detection of attacks around the clock with less skilled staff. By looking at past performance it becomes possible to analyze user and device behaviors to detect activity that is out with the expected patterns from the devices or users much quicker and more accurately than human observers can.  This use of AI in health care cyber security is becoming more and more important for protection of on-site systems and as health care networks expand and data and processing gets pushed out into the “cloud”.

Ai and Machine Learning offers health care organizations a way of securing their patients’ data as health care evolves, without relying on scarce high-cost skills, but will only meet its promise if the basics of information governance, awareness and education are in place first.

Re-imagining medicine

by Michael Pomerance
August 8, 2018
In many ways, you can judge the state of a civilization by the condition of its health care. A country’s ability to run or support an effective health care system, whether public or private, reflects not only on its technology, but its ability to provide a good quality of life for its citizens. However, as populations swell, the pressure on health care systems increases. Fortunately, technology is also developing quickly, and with it, Cerner has found a way to re-invent its approach to health care.

Read full post

Bringing technological advances in health care for United Arab Emirates Vision 2021

by Bachir Awad | Michael Schelper
July 23, 2018
The United Arab Emirates (UAE) is leading the way when it comes to digitizing the health care industry space keeping the consumer at the centre of the system. The way we receive services is going to change. Just look at the UAE’s Vision 2021, which includes improving health care for a smarter city.

Read full post

The challenges and uses of AI and Machine Learning in Healthcare

by Jim Massey | Dr. Yasir Khan
July 5, 2018
Artificial intelligence will be accepted as the supporting tool which will greatly enhance the accuracy and relevance of clinical decision making, just like stethoscope, ECG and Echocardiogram has done in the past. It will lower the cognitive load and open new dimensions for care providers.

Read full post