“It is only when a digital failure or a data breach happens, then do we realise the power of the machine and how it can cripple an organisation due to a vulnerability,” expressed KV Kumar, CIO, Narayana Health in his presentation on how imperative it for healthcare organisations to have the right level of cyber security.
Kumar also pointed out that India does not have the precise account of all the data breaches happening in the healthcare sector when compared to the rest of the world. Sharing some global data on cyber security last year, Kumar pointed out that the cost of a cyber security event globally has been close to $800 billion. At least four out of five physicians in the US have experienced some sort of a cyber security event. The cost of healthcare data breach has been around $408 billion. “Therefore, with increased penetration of technological systems in Indian healthcare, organisations will need to ensure that all cyber security essentials are met at their hospitals and clinics,” he highlighted.
He then went on to explain that hospitals deal with multiple partners — doctors, patients, insurance companies, technology companies and more. “Since healthcare has done digitalisation and digitisation, there is an expanded data flow. Moreover, hospitals have multiple players who interact with data. Now with increased penetration of digital technologies, hospital systems become more vulnerable. This raises many challenges to the security provider,” Kumar alerted the audience.
He also raised an alarm on the rise of cyber security issues that stem for internal employees from within healthcare organisations, therefore urging healthcare leaders to ensure that their system is secured at all
levels.
“Major hacks in privacy are due to privileged misuse; people must be educated to prevent such misuse. “Using a single source of identity, infrastructure monitoring, thoughtful password management and periodic audits help prevent cyber crimes,” he maintained.
Moving forward, he spoke on frauds related to billing, pharmacy and more. He also urged the audience to educate hospital employees on these kind of fraud and create filters for the same. In the end, he stressed upon the fact that hospitals need to devise an effective cyber security strategy for their organisation to avoid huge loss and protect patient and hospital data.