Home » Startup CEOs and Investors » Currently Reading:

Startup CEOs and Investors: Matthew B. Smith

January 28, 2015 Startup CEOs and Investors No Comments

Where’s the Interest in Healthcare Cybersecurity?
By Matthew B. Smith

image

The President’s State of the Union (SOTU) address mentioned cybersecurity concerns and might serve as a rallying cry for greater adoption in the healthcare industry. We certainly must hope the address will spark a more forceful interest in healthcare cybersecurity.

It is curious how the many non-healthcare breaches (principally banks and retailers) that have received national attention and the financial penalties to healthcare providers under HIPAA and HITECH who have suffered lost and breached patient data (though less well-publicized in the national media) have not caused the groundswell of attention to this issue. As patients assume a far greater role and informed involvement in their care, the security of their personal medical information should elevate as a concern.

However, I do expect that the older generation, as characterized by the Baby Boomers, will express a far greater concern about medical data security. The Xers and Millenials don’t seem to hold personal information in the same high regard as the oldsters and may not be as demanding about its importance. Social media seems to have not created a concern about personal information security among them. It would be a great mistake to assume that this is the standard for healthcare cybersecurity. The higher medical users (chronic and elderly) will be the drivers of this requirement as they will be in more consistent contact with the system.

It is curious that medical device, equipment, and instrumentation (DEI) manufacturers have not stepped up in unison to include cybersecurity as a component of their products. I suspect that EHR vendors and providers (especially those with foresight) who see mobile diagnostics and therapeutics as a reimbursable and cost-effective (we hope!) means of care delivery will be the motivators of this adoption. Patients as consumers will also drive this for reasons noted above. What also is desperately needed is national healthcare cybersecurity standards or certifications so that DEI makers will have an easier time incorporating these much-needed technologies to secure medical information, regardless of the source or the recipient of the medical data.

As a frontline participant in the battle for total healthcare data security, we are finding the education of the DEI makers to be the evolutionary equivalent of watching dinosaurs become extinct. The way to true healthcare data security will have to make it easy for DEI makers to adopt independent third-party data security. Too few have shown the foresight to lead in this setting, citing communications with EHRs and other issues as more pressing coupled with them not hearing a demand from their provider clients. Perhaps they are not listening very well.

National technical standards, well documented for other industries, hold the answer for our industry as the approach so the DEI folks can simply pick and choose a qualifying technology that meets the standards. The DEI folks also show a bewilderingly sad understanding of where the Affordable Healthcare Act is taking reimbursement, which we fundamentally believe will do away with the DEI capital budget and replace it with access to these products on a monitored per use/per subscription/per census day or equivalent acquisition payment mechanism with healthcare cybersecurity monitoring embedded in the payment schema.

The precedents for this movement can be seen in the historic reimbursement changes wrought when DRGs were instituted, when cancer centers were developed, and when patient advocacy services arose. All met opposition, but became new ways of conducting business in the industry. Now is the time for the insistence upon healthcare cybersecurity information technology.

Dinosaurs beware!

Matthew B. Smith is president and CEO of
SecLingua of Shelton, CT.

View/Print Text Only View/Print Text Only


HIStalk Featured Sponsors

     







Subscribe to Updates

Search


Loading

Text Ads


Report News and Rumors

No title

Anonymous online form
E-mail
Rumor line: 801.HIT.NEWS

Tweets

Archives

Founding Sponsors


 

Platinum Sponsors


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Gold Sponsors


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Reader Comments

  • HIT Observer: What I find most interesting here, is people defending their common practices rather than truly taking this as invaluabl...
  • Bob: There's no incentive for the provider to spend time doing a price comparison for the patient. Nor is it a good use of th...
  • Peppermint Patty: Veteran - can you clarify what was "fake "? Was something made up (definition of fake) or did you disagree with Vapo...
  • Pat Wolfram: Such a refreshing article. Thanks -- there really can be a simpler version of an acute HIT implementation. But I do ...
  • Woodstock Generation: Bravo to HIStalk's Weekender recaps and other news/opinions. I read it first thing on Monday mornings..................
  • Veteran: #fakenews...
  • Vaporware?: Secretary Shulkin: "the American healthcare system hasn’t yet figured out interoperability, but the VA can lead the wa...
  • Justa CIO: The reported go live date for McLaren Oakland is wrong. There are no dates set for activations for any locations. Post...
  • Brian Too: I admit I am partial to the quoted ICD-10-CM of "S07.9XXA Crushing injury of head, part unspecified, initial encounter....
  • Cosmos: As others in the comments section have pointed out before, GE's EMR for athletes is ironically a health record for the h...

Sponsor Quick Links