DENVER, CO – In partnership with SecureSet, a Denver-based cybersecurity academy and accelerator, Prime Health held its first annual Health IT Cybersecurity Summit last Thursday. Featuring a range of discussions led by experts in the fields of cybersecurity and healthcare, the summit was attended by IT professionals, healthcare providers, government officials, and digital health entrepreneurs.
“Healthcare is rapidly evolving beyond a simple doctor’s visit into telemedicine, mobile apps, wearable tech, genomics, business intelligence, data analytics and much more,” said Jeffrey Nathanson, CEO of Prime Health. “Smart, effective cybersecurity must be built into every piece of the puzzle or all this innovation will be useless or even dangerous.”
As a first line of defense, many of the experts present at the summit advised healthcare providers to foster awareness of good security practices among their staff. From clinicians to administrators, healthcare professionals of all kinds were encouraged to learn how to avoid the types of cyber attacks that targeted the end users of health IT systems.
“By our nature, we are trusting individuals,” said Steve Kosten, a security consultant with Cypress Data Defense. “What we’re asking our users to do is go against that.”
But while the experts at the Health IT Cybersecurity Summit agreed that educating healthcare professionals offered a means of significantly reducing their vulnerability to attack, they were quick to point out that new technologies were adding further weaknesses due to their lack of strong security features. Medical devices connected to the Internet of Things (IoT) were highlighted by several experts at the summit as a potential source of new vulnerabilities in health IT systems.
“Each of your IoT devices is going to be unique in nature,” said Eric Klonowski, a threat research analyst at Webroot. “For that reason, they typically won’t have a mature security component.”
Throughout the summit, a robust and system-wide approach to cybersecurity was presented as the best means of protecting health IT systems from cybercriminals. But the speakers at the event were unanimous in stating that most healthcare systems were still far from taking such an approach.
“Cybersecurity is radically under-recognized in healthcare today, yet it is one of the most critical areas of health IT,” said Alex Kreilein, CTO of SecureSet. “Our goal is to elevate the cybersecurity conversation to the boardroom, where it should be viewed as a significant business operation, not simply an IT operation.”