Protecting Healthcare Data IntegrityRod Piechowski of HIMSS Discusses Emerging Threats, Mitigation Steps
In the year ahead, healthcare organizations must be prepared to face an assortment of advancing, serious security threats, including those that can potentially damage the integrity of critical patient data, says Rod Piechowski of the Healthcare Information and Management Systems Society.
He predicts that hackers will "start to modify data used to analyze or provide treatment decision-support - that's going to be a problem."
Plus, he says attackers will increasingly leverage artificial intelligence. "It's much easier to create credible looking phishing, credible sounding vishing [voice phishing] using artificial intelligence."
One key step to improving defenses, he says, is for organizations to "get rid of legacy systems, which are just sitting ducks. That [legacy] system itself might not have critical data, but it's a gateway into the rest of your network," he says in an interview with Information Security Media Group.
"The people who are doing these attacks are very patient; they will get into a network and sit there sometimes for months and just plant a piece of code here and there, and they will watch and build a map of how that organization works."
That's why it's so critical to have security team members who focus on data integrity, he adds.
In this interview (see audio link below photo), Piechowski also discusses:
- Key findings from the recently released HIMSS 2020 cybersecurity survey;
- Why some healthcare organizations still don't conduct comprehensive enterprise security risk assessments;
- Important privacy and security lessons from the COVID-19 pandemic.
As vice president of thought advisory at HIMSS, Piechowski works on an array of issues, including health data privacy and security. He was previously HIMSS senior director of health information systems. Prior to that, Piechowski was senior associate director of policy at the American Hospital Association and vice president of technology leadership at the National Alliance for Health Information Technology.