Health Technology, AI
Article | July 18, 2023
The healthcare industry has become a prime target for cybercriminals in recent times.
According to The State of Ransomware in Healthcare 2023 report from Sophos, six in 10 healthcare organizations have been hit by ransomware in the last 12 months, up from 34% in 2021.
Among this uptick have been several headline-grabbing attacks. For example, Shields Health Care Group became the subject of the single-largest breach affecting any organization globally in April 2023, when 2.3 million patients of the Massachusetts-based medical services provider had their personal data stolen after a cybercriminal gained unauthorized access to the organization’s systems.
Meanwhile, in the UK, a ransomware attack on the University of Manchester occurred in June, affecting an NHS patient data set holding information on 1.1 million patients across 200 hospitals.
Critically, the wealth of data housed in healthcare networks, and the potential impact of data unavailability in healthcare, make the industry both attractive and lucrative to threat actors.
It’s no coincidence that the Sophos report shows the rate of encryption in the healthcare sector is at its highest level in recent years. Of those healthcare organizations which suffered a ransomware attack in 2023, 73% had their data encrypted – up from 61% in 2022. When cybercriminals can successfully take down hospital systems and/or encrypt patient data so it can’t be used, they can blackmail health service providers, demanding significant sums before reinstating systems and/or data availability.
Considering healthcare's critical role as the highest-stake industry in our society, where people's lives depend on its success, the likelihood of attackers achieving their goals is greater than in other sectors, as confirmed by the Sophos report. Indeed, of the 73% of healthcare organizations that had their data encrypted, 42% reported that they paid the requested ransom to recover data.
DSPT and the compliance burden
Without question, the security-related challenges in healthcare are mounting. Right now, industry organizations are operating against a backdrop of unprecedented operational and workforce pressures, spiralling demand for care and industrial action.
Moreover, there is a growing regulatory burden, with organizations continually asked to comply with evolving cybersecurity rules, battling with multiple compliance mandates at any given time.
Take the NHS as an example. According to the 2023 NHS Providers’ Regulation Survey, just over half (52%) of respondents said the regulatory burden on their trust had increased. And this is expected to ramp up further in the future, with the UK government setting out a new 2030 strategy aimed at bolstering cyber resilience in healthcare.
Among the compliance burdens that the NHS faces is the challenge of meeting the requirements of the newly updated Data Security and Protection Toolkit (DSPT).
Mandated to minimize cyber risks and enable healthcare providers to maintain a robust information security posture, the DSPT is not a simple checklist of security controls, but a comprehensive toolkit to evaluate current security maturity and establish a risk management programme.
Indeed, in more recent times, DSPT has moved away from being a guide for achieving certain levels of assurance, and toward a mandatory evidence-based system which demands NHS organizations align with 10 precise National Data Guardian (NDG) standards: 1. The organization assures good management and maintenance of identity and access control for its networks and information systems. 2. The organization closely manages privileged user access to networks and information systems supporting essential services. 3. The organization ensures passwords are suitable for the information being protected. 4. Process reviews are held at least once a year where data security is put at risk and following security incidents. 5. Action is taken to address problems as a result of feedback at meetings. 6. All user devices are subject to anti-virus protections, while email services benefit from spam filtering and protection deployed at the corporate gateway. 7. Action is taken on known vulnerabilities based on advice from NHS Digital, and lessons are learned from previous incidents and near misses. 8. The organization has a defined, planned and communicated response to data security incidents impacting sensitive information or key operational services. 9. The organization has demonstrable confidence in the effectiveness of the security of technology, people, and processes relevant to essential services. 10. The organization securely configures the network and information systems that support the delivery of essential services.
Reducing Compliance Challenges with the Right Solutions
Taken individually, these standards may not seem too strenuous to adhere to. However, to be compliant with DSPT, all 10 items need to be completed and deemed ‘satisfactory’.
To tick all 10 key boxes in the most effective and efficient manner simultaneously, organizations should consider their strategy carefully. This could involve embracing supportive tools to accelerate and enhance their compliance journey.
Boiled down, DSPT demands several key things, including unincumbered visibility of the entire ecosystem, as well as the ability to demonstrate secure access, logs and storage, and essential auditing processes to maintain data security.
Achieving these things might appear complicated, even daunting. However, there are solutions known as Security Information and Event Management (SIEM) systems on the market that can make achieving these capabilities, and in turn DSPT compliance, easy.
Here, we outline some of the key features to look out for to meet compliance: • Log retention: A modern SIEM should be able to provide a centralized log storage and big data platform that scales to any organization’s size. Platforms should be able to provide role-based access to log data, including ‘data privacy’ functionality that can mask sensitive data until approved. Log data should not be modified or removed by users once ingested into the platform, while all data held should also be indexed and fully searchable. • Identifying and disabling unnecessary accounts: A good SIEM will also provide account auditing facilities for Active Directory that allow administrators to quickly identify dormant accounts. They should also be able to remove privileged user access when no longer required or appropriate. More sophisticated platforms will be able to do this in an automated manner. • Easy identification of issues: Clear and easily readable dashboards, alerts and reports for user logging activity should be provided, including failed login, apparent brute-force attempts, and bad password management practices. Further, those using machine learning will be able to identify unusual behavior patterns based on a baseline of activities of users and their peer group. • Integrate with third-party threat feeds: It will also be able to integrate with a wide variety of third-party threat feeds that provide information about specific known threat payloads/hashes and destination domains/addresses.
Meeting the mandate
Of course, having the right features in place is only part of the puzzle. For organizations to be truly successful in embracing tools that enable them to meet DSPT compliance more effectively, they should work to ensure that solutions providers offer them ongoing support – both in terms of ease of deployment and to ensure that they are using key systems in an optimal manner.
Scalability is another important aspect to consider.
Systems should be able to scale and continue to support the organization as data volumes increase and become more complex over time.
In respect of scalability, organizations should take time to think about pricing models, ensuring that these are based on the number of devices (nodes). In doing so, it will become easier to accurately budget future costs, as well as provide greater budgeting certainty over the short, medium and longer term.
A converged SIEM allows organizations to prioritize the big picture over individual tools, enabling them to develop a seamless and easy to use security operations setup. Not only does this approach boost cost transparency and eliminate potential complexities with managing a variety of siloed products – equally, it reduces the burdens on security teams, eliminating complexities over system integration and enhancing performance.
A converged SIEM combines key technologies easily to offer improved security outcomes. In doing so, organizations can easily home in on specific standards and adopt security best practices while reducing the burden on security teams tasked with meeting DSPT compliance.
Read More
Digital Healthcare
Article | November 29, 2023
Throughout my professional carrier, I iused to visit many companies involved in drug discoveries and had seen the challenges they go through. Some are pleasant as the investigational molecules were moving forward in value chain whereas few faced bottlenecks at the end. The association with Pharma industry over the years had taught me about many new ideas and allowed me to see that how innovative ideas are impacting our social and scientific world to a great extent. The changes we see today, are the results of ideas came from various quarters globally and I feel digital innovation had shaped today’s world differently. The impact of digital platform in today’s Pharma world is a “Game-Changer".
Innovation is a continuous process which simplifies challenges into reality and plays a very important role in our society. Centuries ago, scientists used to spend years in laboratories to understand material science. The chemical science evolved around discovering elements, synthesis of compounds or even isolating products from natural resources. Today’s world is highly indebted to those discoveries and efforts and modern science has gradually moved towards digital platform. Last few decades, innovations based on new technology platforms has made huge impact in scientific discoveries and few such ideas and action I feel has brought significant changes. Our lifestyle and social environment have witnessed deep impact due to such innovation. The chemical science is evolved not around only chemists today but have huge influence of mathematicians and technologists for faster development.
Advancement of digital science, new algorithms to solve the problems has modified the way of drug discovery to a great extent. In the recent past, we were heavily depended on big machines, but innovation has brought the whole items in a small packet now. The technology platform is modified, speed has increased in identifying new drugs with artificial intelligence (AI) and machine learning is accelerating the drug discovery and development processes. Today’s Pharma industries for commercial supplies are now depended on automation, optimization of the manufacturing processes, as well as designing effective marketing and post-launch strategies. The process is aimed to have better control on the operation, improving safety and better predictability of quality. For conducting clinical trials, identifying patient’s profile, an eligibility criteria is crucial which has been made by the processes being faster and cost effective by introducing Artificial Intelligence (AI).
Earlier when focus was to identify the origin of life, finding new elements, compounds or building blocks, today’s world is heavily dependent on data or ‘Big Data’. The amount of information available throughout drug discovery and development process, analyzing, interpreting, and predicting right candidate require high-performance systems to analyze data properly and derive value from it. There is advancement of analytical techniques, which provides more accurate information about the clinical trial reports and the data across patient pool, zeroing down towards right candidate is a real challenge and there are several AI enabled tools available where the processing time is reduced significantly which might have taken several years. The exciting part is that innovation is not only limited to laboratory work but works in coordination of mathematical interpretations, data analysis and provide significant clues to develop new molecules and even provide approach towards therapeutic categories. Currently available advanced technologies enhance drug development process, making it less time-consuming and cost-effective process where AI can recognize hit and lead compounds, and provide a quicker validation of the drug target and optimization of the drug structure design. Data scientists play a very significant role in all these activities.
Innovation focusing personalized medicine is now a reality and companies involved in such basic research have made breakthrough to understand how the human body responds to drug. Software solution is also available for simulating effects of drugs in patient body based on individual characteristics, scientific data for real time prediction of efficacy and drug interaction on individual. These predictive models are shortening drug discovery pathways to a great extent. Small molecule drugs or even large molecules development are heavily depended today on such modelling and predictive approach. The aim to reduce cost of drug development, shortening discovery path, focus on clinical trial mechanism is more productive with a higher success rate. During the pandemic period, in a shortest possible manner, several companies started working to develop new drugs or vaccines using drug-specific exposure models for drugs under investigation for the treatment of Covid-19.
Similarly, discovery platform is also working on cutting edge technology ‘Organ-on-a-chip’ that can emulate the physiological environment and functionality of human organs on a chip for disease modeling, mimicking the impact and could be a game changer in future. I will be happy to see when technology platform can accurately predict human mind and with the help of AI, can find a probable solution to avoid any such complex conflicts. It would be interesting to see that AI is analyzing and predicting the chemical change in the bodies impacting human mind and analysisng it quickly to predict psychological behavior of the patient and guide physician for right therapy. This may lead to predicting problems one may face in old ages where the decays may be prevented at early stage. This is a challenge but understanding and predicting psychological behavior may improve patients’ life. Depression and its remedy may be based on understanding changes, patterns of physicochemical behavior and its impact during mood swing and predicting such things in advance by using the advanced AI tools could be a game changer.
Another path breaking development where technology involving both engineers and scientists to help drug design to obtain maximal therapeutic benefits for patients including designing drug delivery systems and biomedical devices is 3D-printing technology. This involves high end computer simulations making analysis faster and predictive than before. Influence of 3D printing in designing variety of dosage forms has simplified its preparation. Though further study is under progress but the technology implementation at late has reduced cost of drug development to a significant extent and will add value in future drug development. It is interesting to see how this 3D printing technology works on human brain mapping and predicting a right path for treatment for betterment of large patient pool. Today with advanced technology, we are now more dependent on machines, limited close interaction with our near and dear ones, but created more friends on social platform. Though life looks easy, but over dependent on machines is creating another complex environment and this growing complexity may change the disease pattern. It will be interesting to see that how these technology platforms improve further to ease out such complexities for a healthy future.
Read More
Health Technology
Article | September 12, 2023
As consumers, we crave convenience and simplicity, and across an array of industries, technology has made it increasingly easy to search for and purchase products and services. From getting a pizza delivered to buying a car online, the process often involves entering a few pieces of information, hitting send, and waiting for a confirmation email.
A Changing Landscape
Unsurprisingly, people want this same level of convenience and simplicitywhen they're seeking care. This change in consumer demand for convenience is further compounded by fundamental shifts in the healthcare ecosystem. Among these shifts are cost-sharing models that have increased patient out-of-pocket expenses, healthcare systems that are increasingly shifting toward delivering value-based care, and innovations in digital health solutions.
While patients want to play an active role in managing their well-being, that is often easier said than done in a system that uses a combination of manual processes and non-integrated point solutions to try and meet consumer demand. Disparate and burdensome methods of managing patient engagement often lead to inefficiencies within provider organizations, resulting in missed appointments, increased registration and eligibility-based denials, incomplete payments, higher collections and write-offs, and low patient satisfaction.
Consumer Dissatisfaction
Healthcare consumers today feel like they're fighting an uphill battle. According to Change Healthcare's 2020 Harris Poll Consumer Experience Index, 67% of respondents agreed that it “feels like every step of the healthcare process is a chore.” A similar percentage, 62%, agreed that “the healthcare system feels like it is set up to be confusing.”
Furthermore, if consumers don’t receive the level of convenience and digitization they want from their current provider, they’re more than willing to seek it out elsewhere. In a recent Black Book survey, 80% of respondents indicated they would be willing to change providers for more convenience even if they were receiving good care from their current provider. An even higher percentage of patients,90%, do not think they have to continue seeing a provider if that provider does not “deliver an overall satisfactory digital experience.”
A Patient-Centric Approach
Improving the patient experiencestarts with humanizing revenue cycle management(RCM) —the administrative process that takes the patient from registration and appointment scheduling to the final payment of a balance. Simply making administrative touchpoints self-service and easy to understand throughout the patient’s financial journey can help humanize revenue cycle management for providers.
How is that possible? By thinking about the patients’ side of the administrative process and leveraging innovative technologies like artificial intelligence, robotic process automation (RPA), natural language processing (NLP), and machine learning. The more that providers’ staffs are able to automate repetitive tasks, the more time they're able to spend helping provide a seamless patient engagement journey that is focused on a patient’s specific needs. In other words, reducing human intervention throughout our technologies allows providers to infuse more human interaction with each patient as they navigate their healthcare journey.
According to Change Healthcare’s 2020 Harris Poll Consumer Experience Index, what patients really want is a retail-like shopping experience with modern, streamlined communication, as thevast majority (81%) agreed that “shopping for healthcare should be as easy as shopping for other common services” via a streamlined access point online. A clear majority (71%) also said they want their health insurance and healthcare providers (68%) to communicate with them using more-modern platforms.
Simplified Scheduling and Payment
The entire clinical-care journey is focused on the specific needs of the patient rather than the provider, so why shouldn’t the patient’s financial journey be handled the exact same way? From a patient-satisfaction perspective, patients are not separating their clinical journey from their financial journey, so providers should start viewing it the same way.
It should be easy to schedule an appointment and modify that appointment if needed. Patients should have to (securely) provide their personal and insurance information only once (digitally and in advance), then be squared away when they show up for their appointment with their provider. In addition, because of COVID-19 and the heightened awareness surrounding personal interaction, it’s important to provide patients with no-contact check-in and waiting room options.
By humanizing RCM, providers can achieve a cohesive end-to-end journey that allows patients to quickly and easily get the care they need complete with clear communication, price transparency , and a provider who truly takes the time to understand their unique situations. By putting the patient back at the center of their care journey, providers can improve care outcomes while also driving maximized business outcomes for their organizations.
Read More
Digital Healthcare
Article | June 4, 2022
As the cost of care continues to rise, many hospitals are looking for long-term solutions to minimize inpatient services. Learn how technology and health care delivery will merge to influence the future of hospital design and the patient experience across the globe in this report developed by Deloitte US.
Five use cases for the digital hospital of the future
The future of health care delivery may look quite different than the hospital of today. Rapidly evolving technologies, along with demographic and economic changes, are expected to alter hospitals worldwide. A growing number of inpatient health care services are already being pushed to home and outpatient ambulatory facilities. However, many complex andv very ill patients will continue to need acute inpatient services.
With aging infrastructure in some countries and increased demand for more beds in others, hospital executives and governments should consider rethinking how to optimize inpatient and outpatient settings and integrate digital technologies into traditional hospital services to truly create a health system without walls.
To learn what this future of health care delivery may look like, the Deloitte Center for Health Solutions conducted a crowdsourcing simulation with 33 experts from across the globe. Participants included health care CXOs, physician and nurse leaders, public policy leaders, technologists, and futurists. Their charge was to come up with specific use cases for the design of digital hospitals globally in 10 years (a period that can offer hospital leaders and boards time to prepare).
The crowdsourcing simulation developed use cases in five categories
Redefined care delivery
Emerging features including centralized digital centers to enable decision making (think: air traffic control for hospitals), continuous clinical monitoring, targeted treatments (such as 3D printing for surgeries), and the use of smaller, portable devices will help characterize acute-care hospitals.
Digital patient experience
Digital and artificial intelligence (AI) technologies can help enable on-demand interaction and seamless processes to improve patient experience.
Enhanced talent development
Robotic process automation (RPA) and AI can allow caregivers to spend more time providing care and less time documenting it.
Operational efficiencies through technology
Digital supply chains, automation, robotics, and next-generation interoperability can drive operations management and back-office efficiencies.
Healing and well-being designs
The well-being of patients and staff members—with an emphasis on the importance of environment and experience in healing—will likely be important in future hospital designs.
Many of these use-case concepts are already in play. And hospital executives should be planning how to integrate technology into newly-built facilities and retrofit it into older ones.
Technology will likely underlie most aspects of future hospital care. But care delivery—especially for complex patients and procedures—may still require hands-on human expertise.
Laying the foundation for the digital hospital of the future
Building a digital hospital of the future can require investments in people, technology, processes, and premises. Most of these investments will likely be upfront. In the short term, hospital leadership may not see immediate returns on these investments. In the longer term, however—as digital technologies improve care delivery, create operational efficiencies, and enhance patient and staff experience—the return result can be in higher quality care, improved operational efficiencies, and increased patient satisfaction.
These six core elements of an enterprise digital strategy can help you get started as you begin to push your hospital into the future
Create a culture for digital transformation
It is essential that senior management understands the importance of a digital future and drives support for its implementation at all organizational levels.
Consider technology that communicates
Digital implementation is complex. Connecting disparate applications, devices, and technologies—all highly interdependent—and making certain they talk to each other can be critical to a successful digital implementation.
Play the long game
Since digital technologies are ever evolving, flexibility and scalability during implementation can be critical. The planning team should confirm that project scope includes adding, modifying, or replacing technology at lower costs.
Focus on data
While the requirements of data interoperability, scalability, productivity, and flexibility are important, they should be built upon a solid foundation of capturing, storing, securing, and analyzing data.
Prepare for Talent 2.0
As hospitals invest in exponential technologies, they should provide employees ample opportunities to develop corresponding digital strategies.
Maintain cybersecurity
With the proliferation of digital technologies, cyber breaches can be a major threat to hospitals of the future. Executives should understand that cybersecurity is the other half of digital implementation and allocate resources appropriately.
Read More