Hospitals face a threat as lethal as any super bug, which may invade its hallways and operating rooms, and strike patients with ruthless efficiency.
Both threats are invisible to the naked eye. And, while one kills indiscriminately and resists the most potent medicines scientists can unleash against it, the other, while not physically dangerous, is deadly just the same.
I refer to the wholesale theft of confidential data by hackers and cyber thieves.
These criminals focus on hospitals and related institutions, in an effort to acquire and exploit everything from electronic medical records, financial information, banking and insurance materials, as well as reams of private correspondence and invaluable intellectual property.
The reason hospitals are such inviting targets for these attacks is because of a false sense of security – a suspension of disbelief shared by other organizations, in other industries, at home and abroad – about the very nature of encryption.
That is, existing forms of encrypting data have so many vulnerabilities that data is neither safe nor, in fact, fully encrypted.
I write these words from experience, where, in my role as Founder of Impervio E-IRM System (Enhanced Information Rights Management), I seek to empower hospitals against these threats.
I also offer this commentary not as a form of criticism, but as a call to action, because many hospital administrators do not know or belatedly discover (much to their detriment) that their supposedly impenetrable circle of defense – imagine a 50-foot concrete and steel enclosure, topped with layers of razor wire – is, upon closer inspection, cracked, frayed and open to intruders.
The encryption codes that should take hackers 3,000 years to break are already broken. Whatever deterrent they once possessed is over, as cyber thieves continue to burrow under or cavalierly walk through this hollow facade of defense.
Stopping these invaders – repelling their advances, and reclaiming territory ceded to these criminals – must be an urgent priority for hospitals nationwide.
Indeed, my stake in this matter is far from academic. I believe we have a right to privacy, one that is as fundamental online as it is offline. Impervio is a testament to this commitment because it is, without exaggeration or any overly generous interpretation of the word, impenetrable. (Or: If hospitals classify data as morally inviolable, then they should make that data impossible – yes, impossible – to breach.)
At the same time, we must broaden our vision of hospitals, from centers of healing and critical care, which they must always be, to outposts of technological complexity, which they must now protect.
Please note: I do not intend to sound or act like an alarmist. I am, instead, a realist whose comments may trigger an alarm to action. In that respect, I welcome this call to duty; I encourage hospitals to take the lead on this issue.
The benefits of doing so are twofold.
One, hospitals have a duty to ensure the safety of a wealth of information. Giving these organizations the tools to accomplish this mission is mandatory.
Laws demand this compliance, and regulations enforce this edict.
Secondly, hospitals can enhance their own standing in their respective communities – they can earn the goodwill of the patients they treat – by delivering the peace of mind these men and women deserve, with regard to encryption and data protection.
Hospitals should seize this opportunity because, in their additional assignment as sources of popular education and civic activity, they can be trusted outposts for the good of all.
This position enables hospitals to stop an imminent threat, while awarding them an honorable mission to be tribunes of personal health and digital safety.
True encryption starts with an acknowledgment of the deficiencies hospitals face, and the solutions they must embrace.
With transparency about their goals, and backed by proof of their newly fortified and encrypted files, hospitals can inspire a security revolution across the broad expanse of health care.
Now is the time for hospitals to fulfill this obligation with resolution – and results.
Now is the time to successfully encrypt data.
Randy Reaney is the Founder, Co-CEO of Impervio Technologies Inc. www.impervio.com, a dynamic new software company based in Toronto, Canada specializing in impenetrable Cyber Security Automation and which is comprised of some of the world's brightest and most sought-after security, software and technology experts. He has over twenty-five years of global business experience with organizations in the software, banking, real estate, media, sales and marketing fields. During his career Randy has been involved in numerous successful start-ups with very a successful track record in marketing and sales and rapid business growth. Randy has successfully launched, and built various companies in different market sectors.
He was Vice President of Sales & Marketing at Nuva Technologies Inc. from 2004-2011. Nuva Technologies Inc. (www.nuvatech.com) is a Toronto-based global, total solution provider for the Digital Media Industry and marketer of the World's # 1 Rated Digital Signage Software Platform and high-quality, state-of-the-art, patent pending AVITAR software - viewer recognition, tracking and reporting technology. Randy was also Co-Founder, President and CEO of a bankcard company that specialized in the private label bank POS terminal industry. He was directly involved in the company's infrastructure, organization, and corporate financing. Randy was instrumental in negotiating a joint venture partnership with Scotiabank, one of Canada's major banks, which allowed the bankcard company to quickly become the industry leader in the bank POS market within the first few months of operation of the company.
The views, opinions and positions expressed within these guest posts are those of the author alone and do not represent those of Becker's Hospital Review/Becker's Healthcare. The accuracy, completeness and validity of any statements made within this article are not guaranteed. We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with them.