Why healthcare needs strong cybersecurity collaboration and standards – now

Dr. Sean Kelly, Imprivata Chief Medical Officer

Our thought leadership blog provides valuable perspective on the importance of strong collaboration and the establishment of equitable standards in advancing healthcare cybersecurity. Read more!

As a practicing emergency physician, I grapple with the access and security challenges faced by healthcare organizations every day. At the heart of it is the need to remove barriers to access for clinicians without compromising privacy or data security. Despite these challenges, at Imprivata, we love working with healthcare systems to enable secure digital transformation that helps ensure patient safety while enhancing care quality. And given today’s cyberattack landscape, the stakes have never been higher.

With that in mind, here's a look at why we need to act now to collaborate to achieve healthcare cybersecurity advances, including the creation of realistic standards that benefit all stakeholders.

The unique vulnerabilities and complexity of the healthcare sector have made the industry’s cybersecurity efforts extremely challenging, to say the least. The vulnerabilities driven by healthcare’s position as a prime ransomware target – along with its many layers of interconnected devices and ever-expanding web of dependencies – have made it difficult for organizations to keep pace in managing risks. Making a meaningful impact will require strong industry collaboration and the creation of equitable, government-funded security standards.

These challenges are underscored by the deep, widespread effects of the early 2024 Change Healthcare breach, which jeopardized personal information, as well as billing, claims, and payment systems, grinding revenue processing to a halt. The landmark breach also highlights the need for more robust security controls, including the ability to better protect sensitive data accessed by third-party vendors. And in the case of attacks that result in EHRs and devices being locked down, consequences can extend to patient safety – including mortality rates.

The challenges are especially alarming for small, rural hospitals, many of which struggle withsignificant resource and financial constraints. The solution? Proactive efforts among healthcare stakeholders to voice their concerns and engage in close collaboration to move the needle when it comes to advancing cybersecurity. It’s clear that solutions need to include the creation of minimum security standards supported by federal government funding – whether that be via grants, incentives, subsidies, technical support, or training. Making that happen will require bipartisan legislative cooperation, and the timely enacting of this relief is paramount.

In the meantime, the Healthcare Sector Coordinating Council (HSCC) website offers free cybersecurity clinical workflow mapping and incident response resources, as well as a strategic five-year cybersecurity plan.

To gain additional perspective on these issues, watch the Imprivata Live industry expert roundtable discussion: A Collaborative Approach to Addressing Healthcare Cybersecurity.