What’s Ahead for Health Data Privacy, Security in 2019?

What's Ahead for Health Data Privacy, Security in 2019?

This was an eventful year for healthcare cybersecurity and privacy incidents and developments. But what’s ahead for 2019? Here are eight predictions.

1. The Department of Health and Human Services’ Office for Civil Rights will release proposed updates for the HIPAA security and privacy rules. Based on continued pressure from local, state and federal government agencies, law enforcement, researchers and others to ease the sharing of patient and mental health data by removing the need to obtain patient consent, I expect to see OCR issue proposed HIPAA updates. That will result in significant backlash from privacy rights organizations, many technology businesses as well as significant portions of the general public.

2. The types of ransomware — and size of ransoms demanded — will grow. Just because there were fewer reported ransomware incidents in 2018 than in 2017 doesn’t mean there actually were fewer ransomware incidents. Organizations are increasingly simply paying the ransoms and not reporting the ransomware attacks.

Cybercrooks are getting rich from the ransoms that organizations are paying. Too many healthcare executives are paying ransoms because they see this as the quickest way to get back to normal processing — largely because they lack a good business continuity plan.

The ransomware attacks will evolve to target individuals, such as top executives, along with the many new types of IoT devices. Ransomware will also disable medical devices and surgical devices, impacting patients’ safety and health. And as more cybercrooks take copies of the patient data, they’ll cause additional significant harm.

3. Unsecured medical devices will lead to patient harm.The security of medical devices has gotten worse, not better, throughout 2018. And now, with more remote access — including through mobile devices — those whose lives depend upon the medical devices are at greater risk. As a result, 2019 may be the year that the first death occurs through exploitation of medical device security vulnerabilities.

4. Increased use of IoT devices will lead to more security incidents and breaches.

Posted on 7wData.be.