Healthcare CEO Does Not Mention Cybersecurity

It looks like Lynn Vos has a Blog at the Huffington Post and her latest post:

“Luddites and Errors and Barriers, Oh My!”

She makes some good points that it is difficult if not impossible to contact your doctor via email.

several studies are cited that show healthcare providers are difficult to contact via methods that the general public is growing accustomed to for the most part.  Nielsen Study

 

The most interesting thing about the whole article is that she does not mention the potential security implications of insecure email?

 

The Operating room procedural failure is documented where 5% of medications were incorrect in some manner (wrong type – dosage, etc) .

An interesting quote:

Tejal Gandhi, president and chief executive of the National Patient Safety Foundation, summed up the study findings pretty well: “Boy, we still have a lot of work to do. If it happens at MGH, it can happen anywhere.”

There are likely good reasons for going slow and getting the Healthcare Cyber equation right.

Cybersecurity and mistakes could kill in operating room and medications etc.

The issue is getting medicine right is difficult enough as it is, (as mentioned in article 5% of diagnosis is wrong in some way).

hospitalshacked

I want to amend Dr. Ghandi’s phrase:

” We still have a lot of Cybersecurity work to do to our healthcare infrastructure”   because it looks like we as Cybersecurity professionals have a lot of explainin to the CEO’s .

My previous blogposts on healthcare:

http://oversitesentry.com/healthcare-data-at-risk/

 

Lynn Vos and all healthcare CEO’s need to get up to speed with the high value of healthcare data that criminals have. They sell the data among each other…

One of my previous posts said this:

So unfortunately many people’s medical records will have to be hacked and sold on the black market before changes are made.

at http://oversitesentry.com/will-2015-be-the-year-of-health-record-hacks/

 

It is wise to review this little nugget as well:

If a medical record was stolen how would we know?

“Medical identity theft is often not immediately identified by a patient or their provider, giving criminals years to milk such credentials. That makes medical data more valuable than credit cards, which tend to be quickly canceled by banks once fraud is detected.”

Here is where I must remind to use a feedback loop with Cybersecurity tests while building IT.

systemengineeringassecurity