Implementing Blockchains for Efficient Health Care: Systematic Review

The storage and sharing of medical data (developing interoperability) are vital for improved health outcomes. Respecting privacy of sensitive information while doing this remains a big challenge in health care. The literature shows that with the appropriate regulatory guidelines and use standards, blockchain can act as a vehicle to manage consented access to EHRs. This will increase interoperability without compromising security, while also protecting patient privacy. These issues would most effectively be tackled by the use of a private or consortium-led blockchain; however, this would need to be regulated to ensure appropriate use of data. The improved interoperability and reduced long-term administrative costs would lead to improved health outcomes.

Blockchain represents a new form of technology in which the current literature is lacking in this application context, and no usage feedback or statistical comparisons with traditional systems exist. There are costs associated with transferring to a new system, and in educating health professionals and patients on how best to take advantage of it for improved health. Blockchain involves concepts unfamiliar to the vast majority of the population, such as cryptographic signature and key management. Investments into new systems would, however, be outweighed through returns. In the primary stages of implementation, the practical usefulness of the proposed system will likely depend on the end-user experience—the complexities underlying the blockchain will need to be hidden behind a sufficiently user-friendly interface such as an online or mobile app to be adopted successfully. Short-term trials will outline the most effective ways to implement such a user-friendly experience, which may be expanded thereafter.

The full article can be downloaded below.  

Confronting One Of Healthcare’s Biggest Challenges: Cyber Risk

Online attackers are keen to steal healthcare data or hold it for ransom for a simple reason—the return on investment. That’s one reason why healthcare firms are one of cyber criminals’ favorite target. In 2017, a typical healthcare organization suffered an average of 32,000 intrusion attacks per day, compared to 14,300 per day at organizations in other industries. Personal health information is 50 times more valuable on the black market than financial information, according to Cybersecurity Ventures, and stolen patient health records fetch upwards of $50 per record (10 to 20 times more than credit card information).

One big cause: Healthcare security teams unintentionally leave gaps in online security by not implementing security tools which, while important, might slow or block the flow of medical data that clinicians need at a moment’s notice. That’s a scary scenario for patients and clinicians, who are caught between the need to maintain access to critical-care machines and data, while also pushing back against hackers intent on making a quick buck.

The full Forbes article can be viewed at this link.  

Achieve Privacy-Preserving Priority Classification on Patient Health Data in Remote eHealthcare System

The Wireless Body Area Network (WBAN) has attracted considerable attention and become a promising approach to provide a 24-hour on-the-go healthcare service for users. However, it still faces many challenges on privacy of users’ sensitive personal information, confidentiality of healthcare center’s disease models. For this reason, many privacy-preserving schemes have been proposed in recent years. However, the efficiency and accuracy of those privacy-preserving schemes become a big issue to be solved. In this paper, we propose an efficient and privacy-preserving priority classification scheme, named PPC, for classifying patients’ encrypted data at the WBAN-gateway in a remote eHealthcare system. Specifically, to reduce the system latency, we design a non-interactive privacy-preserving priority classification algorithm, which allows the WBAN-gateway to conduct the privacy-preserving priority classification for the received users’ medical packets by itself and relay these packets according to their priorities (criticalities). Detailed security analysis shows that the PPC scheme can achieve the priority classification and packets relay without disclosing the privacy of the users’ personal information and confidentiality of the healthcare center’s disease models. In addition, the extensive experiments with an android app and two java server programs demonstrate its efficiency in terms of computational costs and communication overheads.

The full article can be downloaded below.  

2019 HEALTHCARE TRENDS FORECAST: THE BEGINNING OF A CONSUMER-DRIVEN REFORMATION 

The well-known proverb “may you live in interesting times” is considered by many to be a blessing, yet others believe it is actually an ancient curse. People’s interpretation tends to correspond with their own appetite for change, as well as their comfort (or lack of) in the face of ambiguity. Regardless of the adage’s origin and intent, many would agree that these are interesting times for healthcare. In fact, at HIMSS we believe healthcare is currently undergoing a period of reformation on a scope and scale that is unmatched.

A perfect storm of factors – including the shift toward value-based care, rising costs, health system consolidation, the approaching silver tsunami, regulatory pressures, increased consumerization, major technology players entering the market and the ever-expanding potential of digital health tools – are coalescing and fundamentally disrupting business models. Traditional healthcare institutions are in reactive mode. Upstarts are finding that healthcare is not as easily disrupted as industries like retail. For nearly everyone, there are more questions than answers.

At HIMSS, we believe it is our responsibility to help the industry make sense of these changes and tap into the promise and potential of information and technology. With that premise, we are introducing an annual forecast report. Bringing together insights from leadership across HIMSS and our subsidiaries, we’re aiming to shine a light around the corner and help illuminate the path to clinical and financial health.

Read on for our predictions for the industry in 2019.

The full article can be downloaded below.  

MEDICAL DEVICE AND HEALTH IT JOINT SECURITY PLAN

The Healthcare and Public Health Sector Coordinating Council (HSCC) is a coalition of private sector, critical healthcare infrastructure entities organized under Presidential Policy Directive and the National Infrastructure Protection Plan to partner with government in the identification and mitigation of strategic threats and vulnerabilities facing the sector’s ability to deliver services and assets to the public. The HSCC Joint Cybersecurity Working Group (JCWG) is a standing working group of the HSCC, composed of more than 200 industry and government organizations working together to develop strategies to address emerging and ongoing cybersecurity challenges to the health sector. This Medical Device and Health IT Joint Security Plan is the product of a task group established under the auspices of the HSCC JCWG and composed of medical technology, health IT and health delivery organizations, as well as the FDA, to address a major recommendation of the Health Care Industry Cybersecurity Task Force report from June 2017 calling for a cross-sector strategy to strengthen cybersecurity in medical devices.

The full plan can be downloaded below.  

Improving Medical Device Security Beyond Patching, Traditional Tools

Medical device security was thrust into the spotlight in 2018, as the Food and Drug Administration continued to bolster its cybersecurity program. In fact, an August MedCrypt report found that since the FDA released its cybersecurity guidance in 2016, medical device vendors reported 400 percent more vulnerabilities per quarter.

The increase in disclosures is a sign of growing compliance and maturing security risk assessments – and the hope that healthcare is beginning to move the needle on device security.

Best Practices

• A unified strategy - Biomedical and IT should collaborate on device security.
• Monitor traffic - Watch traffic for any rogue communication.
• Partner with device manufacturers - Getting inside information on what devices should be doing can help identify compromised devices.
• Awareness - Appreciate and accept that different approaches are needed to secure medical devices.

The full Healthcare IT Security article can be viewed at this link. 

What Does Healthcare Cybersecurity Look Like in a Future of Connected Medical Devices?

As technology continues to transform the way healthcare is delivered, the industry is burdened by the growing cybersecurity risks inherent in the expansion of connected devices. Understanding that each connected device opens another pathway for threat actors, it’s incumbent upon device manufacturers to keep security foremost throughout the development life cycle.

The question is, how can manufacturers ensure the security of the devices they create? Furthermore, what can healthcare companies do to mitigate the risks inherent in the future of healthcare cybersecurity?

The full Security Intelligence article can be viewed at this link.  

Experian, Change Healthcare collaborating on new identity management platform

Change Healthcare and Experian Health have joined forces to develop new technology for the accurate identification of patients across care settings.

Officials from both companies said the platform will build on Experian Health identity management tools and work with Change Healthcare’s Intelligent Healthcare Network, helping match patient records across payers, providers and other healthcare organizations nationwide.

The full Healthcare IT News article can be viewed at this link.  

  IBM exec on the ins and outs of securing internet of things devices in healthcare

The Internet of Things is a phenomenon with which healthcare CIOs, and just about everybody else, are by now quite familiar. Smartphones can control the lights in homes and manage security systems, for example. In healthcare, implanted medical devices can communicate with providers via the web.

But there's still a big learning curve ahead for IoT, especially with regard to security.

“Since data is the coin of the realm in healthcare, this phenomenon has been embraced by makers of medical equipment and has spurred innovation in a great many cases,” said Matthew Broomhall, CTO  of technology support services for healthcare at IBM. “If you contrast this to information technology as we understand it today, IT has had years to implement programs to protect IT assets and data.”

But while that has matured, the management and protection of the Internet of Medical Things is not yet at the same maturity level, he said. CIOs and CISOs now must accelerate programs to insure their medical devices are protected and therefore the data these devices generate and exchange.

The full Healthcare IT News article can be viewed at this link.  

Amulet: an open-source wrist-worn platform for mHealth research and education

The advent of mobile and wearable computing technology has opened up tremendous opportunities for health and wellness applications. It is increasingly possible for individuals to wear devices that can sense their physiology or health-related behaviors, collecting valuable data in support of diagnosis, treatment, public health, or other applications. From a researcher’s point of view, the commercial availability of these “mHealth” devices has made it feasible to conduct scientific studies of health conditions and to explore health-related interventions. It remains difficult, however, to conduct systems work or other experimental research involving the hardware, software, security, and networking aspects of mobile and wearable technology. In this paper we describe the Amulet platform, an open-hardware, open-software wrist-worn computing device designed specifically for mHealth applications. Our position is that the Amulet is an inexpensive platform for research and education, and we encourage the mHealth community to explore its potential.

The full article can be downloaded below.