Forcepoint: healthcare industry failing patients with weak data protection

Duncan Brown, Forcepoint's chief security strategist for the Europe, Middle East and Africa region
Duncan Brown, Forcepoint’s chief security strategist for the Europe, Middle East and Africa region

A cybersecurity expert for one of the world’s biggest data protection specialists has warned that the healthcare industry is not doing nearly enough to protect sensitive patient information.

Duncan Brown, Forcepoint’s chief security strategist for the Europe, Middle East and Africa region, was speaking to ahead of Forcepoint’s upcoming roundtable discussion that will home in on data theft prevention strategies for the healthcare industry.

“The most concerning thing about healthcare is the nature of the data we’re protecting,” he said. “It’s personal, sensitive data. It must be protected as a priority.

“Doctors understandably want to see money spent on patients and not technology, but technology also helps to protect patients in other important ways. Healthcare providers owe it to patients to protect their data. Medical practitioners sometimes overlook the reality that that’s a moral obligation.”

Brown went on to highlight the need for a balance to be struck between protecting patient data but also sharing it where necessary if it can help to deliver an improved outcome.

“The second major issue is that as well as protecting data we also want to share it where appropriate,” he said. “If you see a GP and are referred to a specialist or consultant, you want data to be shared so that it doesn’t impair the right outcomes. There’s a balance that has to be struck of sharing data for medical and research purposes in a controlled, predictable way.”

Brown added that the healthcare industry has not yet done enough to prioritise data protection in the same ways that other critical industries have done.

“Health data has value,” he said. “If a credit card is stolen, the data value is measured in minutes and maybe hours – the time that the threat actor has to monetise it. Financial services companies and banks have the infrastructure and legacy to understand criminal transactions and fraud. That’s reassuring.

“Healthcare doesn’t have that background in protecting data. Banks cancel cards within hours. Healthcare data is stolen for life and can be monetised through being sold for blackmail and other sensitive means. It’s much more valuable to attackers.”

For more information on Forcepoint’s upcoming security roundtable for the healthcare sector, including agenda and registration details please click here >

Previous ArticleNext Article


The free newsletter covering the top industry headlines