https://www.antonym.io

Ever-Growing Need for Storage and Data Integrity in Healthcare

The advancement of technology has brought continued development in the field of healthcare by providing the industry with more sophisticated tools, better information, and powerful diagnostics. However, with continued advancements, the healthcare industry is facing great challenges in storing and managing large volumes of medical data. The data generated by the healthcare sector is expected to grow faster than other industries over the next six years with a CAGR of 36% through 2025.

If you are going to store lots of critical data in many places, you will need a way to insure that no one can hack in and change it.

INCREASING NEED FOR MORE DATA STORAGE IN HEALTHCARE INDUSTRY

• A report published by the IDC stated that the volume data sets generated in the healthcare industry are predicted to increase faster than all other industries over the next six years (2025). Due to the alarming rate at which data is being created by medical technologies, the healthcare industry will face various challenges in storing, managing, and handling extremely large amounts of data.
• The healthcare industry is predicted to grow the fastest, even surpassing the industry of Media and Entertainment. This significant growth is reflected in the advancement made in imaging technology and healthcare analytics that required large storage.
• Since healthcare providers have adopted the use of EHR or electronic health records, this industry faces a common problem of running out of digital storage. Three major advancements that are currently responsible for the continued and increasing amounts of healthcare data are wearables, medical imaging, and telemedicine.
• Medical images are found to create significantly large file sizes and the digital space needed is overreaching the healthcare providers’ current storage capacity. Organizations are actively working on solutions that take into consideration data security, next-generation firewall, cloud access, and understanding the complexity of HIPAA compliance to safeguard, store, and manage large volumes of data.
• According to the IDC report, there is no simple solution that can address all the challenges that are being faced by the healthcare industry regarding data growth and data security. Each healthcare provider would have to develop a purpose-built solution based on the company’s specific requirements such as security needs and data storage.
• Compared to other industries, the healthcare sector’s datasphere growth is expected to grow at a CAGR of 36% during the forecast period 2018–2025, followed by the manufacturing sector at 30%, global datasphere at 27%, financial services at 26%, and media and entertainment at 25%.
• Research conducted by IDC and a report published by EMC on health data volume states that the overall rise in healthcare data will reach 48% every year. In 2013, 153 Exabytes of healthcare data was recorded and the projected growth is expected to reach 2,314 Exabytes by 2020.

SOLUTIONS OF MANAGING EXTREMELY LARGE DATA SETS

• According to an article published by FirstLight, with the numerous data storage challenges that the healthcare industry will face in the coming years, there is no single solution that can address all data storage-related issues.
• It was found that not all HIPAA-regulated practices have the option of cloud-based solutions, but solutions through virtualization is a cost-effective and secure alternative. Data storage virtualization helps healthcare providers to design and develop solutions according to their specific requirements. For example, if an EHR service is running out of storage, the company can utilize a “software to pool leftover space from other servers and workstations to create one huge virtual drive”.
• The largest pain point for healthcare companies is trying to keep up with the storage demands of EHR (Electronic Health Records). Solutions that help with this problem must be flexible and secure to meet both, the needs of the patient and industry regulations.

DATA STORAGE BEING SOLD FOR CHEAPER/COMMODITIZED WITHOUT ENOUGH SAFETY/INTEGRITY OF THE DATA

• Data brokers and data sharing are two solutions that many healthcare providers are using to ease the demand for data storage. It is found that medical reports data brokers have no regulations in the United States. According to an article published by Diginomica, while doctors are prohibited from sharing patient information, healthcare information that data brokers obtain from third-party groups such as data from over-the-counter drugs is allowed.
• Data brokers are not held by medical privacy regulations in the United States because their data are developed to be anonymous consisting of only the doctor’s name, gender, and year of birth. The HIPAA law is found to govern only the “transfer of medical information that is tied directly to an individual’s identity”.
• Data security in the healthcare industry is at extreme risk due to data brokers. An example is Optum, a company that is owned by UnitedHealth Group, which has gathered prescriptions, tests, medical diagnosis, costs, and socioeconomic data belonging to 150 million Americans since 1993. While most of the information gathered cannot be held by HIPAA regulations, the socioeconomic data collection raises a red flag.
• It was also found that one particular data broker was found selling lists containing information of AIDs patients along with a list of domestic violence shelters, which are usually protected by law. The same broker was found selling a list containing information on individuals with addictive problems towards alcohol and drugs.
• According to Kaiser Health News, in the United States, thousands of EHRs remain disconnected. Digitizing healthcare data has restricted healthcare providers and at the same time empowered “the $13-billion-a-year industry that sells it”.
• EHR sellers are found inviting doctors to fancy hotels with deals that paid over $3,000 to healthcare professionals to trade in the current records system for a brand new one. For instance, in 2009, Athenahealth offered “invitation only” dinners for doctors at luxury hotels and advise them on “how to use the stimulus to get paid more and capture available incentives”.

HEALTH DATA AND MEDICAL RECORDS AREN’T SAFE NOW

• According to a report published by Becker’s, most often patient information and records can be found on the black market or the dark web. Data sellers provide patient records by hacking into the payer database or a hospital. For example, a dark web post indicated a seller providing children’s healthcare records from a pediatrician while another post advertised data of 397,000 patient records from a Georgia hospital database.
• Social Security numbers can be bought for as little as a dollar while credit card data is purchased for over $110 and patient records are sold for up to $1,000.
• Various reports on the subject have revealed that cyberattacks and ransomware are rising with healthcare being their biggest targets. Recently, Israeli researchers announced that they developed a computer virus that could add tumors to MRI and CT scans. This virus was malware designed to lead doctors to misdiagnose high-profile patients, according to The Washington Post.
• In 2017, thousands of computers across the world were infected with WannaCry cyberattack and “threw the United Kingdom’s National Health Service into chaos”. The Cybersecurity Task Force of the healthcare industry concluded that cybersecurity for this industry is at a “critical condition” Experts have revealed that the healthcare industry is dangerously lagging in terms of data protection which can lead to serious consequences.
• According to a report by CBS News, Protenus, a data protection company, revealed that in 2018 there were over 222 hacking incidents that affected over 11 million patient records.

The above statements and references encapsulate why we are on a mission to drive adoption of data integrity solutions.

How can healthcare organizations prove the integrity of their data at any moment, to themselves, a vendor, or a patient — whether they provide it or someone else does?

Use the metadata hash value that is generated at the point of original storage. Most modern storage apparatuses (eg. AWS, Azure, Dell, HP, IBM, etc.) have this. Ideally it is a 256-bit hash. We like the SHA-256 hash algorithm for a number of reasons.

Why do organizations need to store hashes with a third-party like Antonym or public blockchain?

It serves the same function as registering your website with a certificate authority. Store a record of your data (a hash) with a data registry (blockchain). When you need to validate it, you just check it against the HashRegistry. By doing so, it allows an organization to take advantage of the best storage opportunity for their data, regardless of who’s providing it. This third-party ledger acts as a “trust layer”.

Having a “trust layer” integrated with your data storage solution means not needing to implement expensive and complicated auditing mechanisms. It also means not needing to store expensive redundant backups for verification of critical data.

Auditing becomes as simple as re-hashing your data and verifying the hashes match.

https://www.antonym.io