Change Healthcare incident sends a reminder about the importance of tech investment

0


A nurse prepares the Pfizer Covid-19 vaccine at a public housing project pop-up site targeting vulnerable communities in Los Angeles. — Photo: © AFP

The Change Healthcare breach continues to impact the healthcare industry throughout the U.S., Lisa Plaggemier, Executive Director of the National Cybersecurity Alliance (NCA), tells Digital Journal about the lessons learned for healthcare companies, consumers, and the government.

The company is used by pharmacists to check patients’ eligibility for treatments and process orders for medication given their insurance situation.

READ MORE: US healthcare provider suffers cyberattack

To remind readers about the issue, Plaggemier states: “The cyberattack on UnitedHealth Group and Change Healthcare serves as a stark reminder of the critical need for robust cybersecurity measures within the healthcare sector.”

In terms of the types of responses needed, Plaggemier notes: “Healthcare organizations must prioritize comprehensive risk assessments and implement stringent security protocols to safeguard sensitive patient data. This includes regular security audits, employee training on cybersecurity best practices, encryption of data both at rest and in transit, and proactive monitoring for suspicious activities.”

As a second recommendation, Plaggemier puts forward: “Investments in cutting-edge cybersecurity technologies and partnerships with reputable cybersecurity firms can bolster defences against evolving cyber threats.”

There are other measures to adopt, with Plaggemier proposing: “The incident highlights the indispensable role of government oversight and regulation in safeguarding healthcare data. Government agencies, such as the Department of Health and Human Services’ Office for Civil Rights, play a vital role in enforcing compliance with health privacy laws, such as the Health Insurance Portability and Accountability Act (HIPAA).”

Getting to the root cause matters. Plaggemier thinks: “Through rigorous investigations and enforcement actions, regulatory bodies can hold healthcare entities accountable for lapses in data protection and ensure swift responses to cyber incidents. Moreover, collaboration between government agencies, law enforcement, and private sector stakeholders is essential to enhance threat intelligence sharing and coordinate responses to cyber threats, ultimately bolstering the resilience of the healthcare sector against future cyberattacks.”

There are also implications for stakeholders. Plaggemier recommends: “In light of the recent cyberattack on UnitedHealth Group and Change Healthcare, consumers and patients also play a crucial role in protecting their personal health information. One key step is to remain vigilant about sharing sensitive data, both online and offline, only with trusted healthcare providers and entities.”

Furthermore, Plaggemier thinks that: “Patients should inquire about the security measures implemented by their healthcare providers, including encryption protocols and data breach response plans. Additionally, individuals should regularly review their medical bills and insurance statements for any discrepancies or unauthorized charges, which could indicate fraudulent activity.”

Other protective measures include “maintaining strong, unique passwords for healthcare portals and enabling multi-factor authentication can add an extra layer of security to personal health information. By staying informed, vigilant, and proactive, consumers can contribute to safeguarding their own health data and mitigating the risks posed by cyber threats in the healthcare sector.”


Change Healthcare incident sends a reminder about the importance of tech investment
#Change #Healthcare #incident #sends #reminder #importance #tech #investment

Leave a Reply

Your email address will not be published. Required fields are marked *