30% of clinicians have had their patients data compromised

Research from Kaspersky, a global cybersecurity and digital privacy company, has shown that during remote consultations 30% of healthcare providers have admitted that their employees compromised customers’ personal data.

Kaspersky was founded in 1997 and is headquartered in Moscow, Russia. The company protects more than 400mn users and has 240,000 corporate clients.

Healthcare providers believe clinicians don’t understand how patients data is protected

The pandemic caused a mass transition onto digital health platforms and services, which has heaped on responsibility onto medical providers.

Kaspersky surveyed healthcare organisations across the world, to find out what telehealth problems were occurring and how they could be prevented. 

Further research showed:

• Close to half of providers believe that their clinicians ‘don’t clearly understand how patients’ data is protected’
• 67% say it is important for the healthcare sector to ‘collect even more personal information’ in order to ‘further industry development’
• Only 17% of healthcare providers said that their clinicians actually understood how their patients’ data was protected
• 54% of respondents admitted that some of their clinicians use FaceTime, Facebook Messenger, WhatsApp, Zoom, and other platforms for their remote sessions, despite those apps not being specifically designed for telehealth

According to Kaspersky, in order to decrease the risk of such problems, healthcare organisations should:

• Arrange their cybersecurity policy to cover the latest known threats 
• Provide employees with clear guidelines regarding such external services
• Install a password policy
• Offer all staff security training

Healthcare organisations must know the risks

Germany’s leading telehealth provider, Dr. Peter Zeggel, CEO of arztkonsultation, knows the risks in using apps not designed for telehealth. 

"Telehealth applications are specifically designed and certified to safeguard sensitive personal data”, said Zeggel. “Bypassing this high level of protection means risking loss of trust, disciplinary measures and heavy fines. Those who fail to put the right tools in place, could also violate billing requirements for telehealth and miss out on purpose-built telehealth features, such as integrations for patient records or the safe sharing of live data from remote devices.”

“To accelerate the evolution of digital health, we have to carefully curate, manage and govern sensitive health data”, said Prof. Chengyi Lin, Affiliate Professor of Strategy at INSEAD and a leading expert on digital transformation. “This information is also valuable to individuals and the healthcare system to improve outcomes and reduce costs. We have already seen encouraging results from using big data for better clinical trial design and reducing both time and costs. We can leverage technologies to ensure privacy while delivering the benefits, for example, using additional privacy measures to facilitate the adoption of AI.”

“The more complex and critical technology is, the more awareness it requires from people who work with it”, said Denis Barinov, Head of Kaspersky Academy. “This is particularly important for the healthcare industry entering the new digital stage and increasingly facing issues connected to privacy and security. But it's not only about awareness - for any security training to be effective, it should not only deliver up-to-date information but also inspire and motivate people to behave safely in practice.”