The Growth of Medical Tourism 3

This is a multi-part story over 3 days. Take me to the beginning. Trends in Medical and Dental Tourism Patients Beyond Borders, a publisher of guidebooks for "medical tourists" estimates that more than 20 million people will travel to another country for medical treatment this year, up 25% from 16 million last year. Meanwhile, a 2016 report by Visa estimated that the medical tourism industry was worth $50bn a year, and continuing to grow. In...

Read More

The Growth of Medical Tourism 2

This is a multi-part story that launched yesterday. My employer-sponsored-health-plan provides me and my family with an annual physical with our primary care physician. This normally involves a 40 to 60-minute appointment where a nurse measures my height and weight, checks my vision, draws some blood and has me pee in a cup before my doctor gives me a physical examination. Thanks to Obamacare this little interaction is annual and free,...

Read More

The Growth of Medical Tourism 1

Despite the United States having arguably some of the best healthcare in the world, it also has the singularly most expensive. For such a wealthy country it has alarmingly high infant mortality and untreated psychological illness rates. It also suffers from an alarmingly unequal access to health services dependent upon income and where you live. Furthermore, thanks to recent tweaks to reduce upfront health insurance premiums it is also afflicted...

Read More

HIMSS19

Jason Hawley & Richard Staynings co-present at HIMSS19 today in Orlando.  Photo: Ty Greenhalgh.   Don’t Let Your IT and OT Systems Become Antiques. The problem of out of date legacy hardware, operating systems and applications across the healthcare industry is endemic. This is especially so at small hospitals and clinics where tiny IT and security staffs and highly constrained budgets, prevent the upgrading of end-of-life...

Read More

Converging Paths

Patient safety has always been a major concern for healthcare providers but never before has it been so inextricably linked with cybersecurity. This is a subject I have blogged about, lectured to students of healthcare and cybersecurity, and spoken about to audiences of senior healthcare leaders at conferences and summits all over the world. It's a convergence that we all need to become familiar with as enterprise risks change across the industry...

Read More

The Cybersecurity Skills Shortage

I read a great article this morning by Dr. Magda Chelly published in the Singapore Independent. The article discussed the cybersecurity skills shortage and the immediate need for more cyber professionals to fill existing job vacancies in Singapore. The shortage of cybersecurity professionals is a global concern however, and Singapore is far from alone in its need for more qualified and experienced technical and managerial security professionals....

Read More

A Pattern of Complacency

A recent story which ran on CBS News entitled “How medical devices like pacemakers and insulin pumps can be hacked” highlighted deficient plans and processes by the US Food and Drug Administration for addressing medical device cybersecurity compromises. The report issued by the Inspector General has been disputed by the FDA which says that it has worked proactively on the issue with security researchers and ethical hackers to identity and fix...

Read More

Third Party Vendor Risk Management

Richard Staynings addresses the need for better Third Party Risk Management @VAHIMSS18  Lets face it, most Healthcare Covered Entities do a lousy job of managing risk - especially cyber risk in a world where data is flowing everywhere to meet government Meaningful Use requirements. In fact as an industry, we almost myopically interpret risk to refer to clinical procedures or hospital-borne post operative infection rates. In an HDO, risk is...

Read More

Strategic Cybersecurity | Making Intelligent Cybersecurity Investment Decisions

Studies show that in the face of cyber-crime costing the global economy ~$450 billion per year, organizations are investing in cyber security safeguards on an unprecedented scale. A 2017 Accenture / Ponemon study indicated that current spending priorities are often misdirected toward security capabilities that fail to deliver the greatest efficiency and effectiveness. The quality of cyber security decision making can be improved dramatically...

Read More

Panaceas, Shiny Objects and the Importance of Managing Risk in a Healthcare Environment – Part 3

Is there a more challenging position anywhere in information security than that of a healthcare organization’s cyber risk management leader? If there is, I can’t think of what it would be. Whether your title is CISO, CSO, CTO, CIO or some variation thereof, the task is daunting. As we mentioned in Part 1 of this series, healthcare as an industry has a huge target on its back. Cyber attackers focus on healthcare not only because patient information...

Read More

Medical Device Security and CIO Insomnia

During a conversation over drinks with a number of CIOs at a recent healthcare conference, I discovered that the number one concern that keeps most healthcare executives up at night is the security of their medical devices. That was somewhat unexpected, especially following press-grabbing headlines last year about ‘WannaCry’ and other ransomware attacks rendering a large part of the British NHS and other health systems useless for several weeks...

Read More

Panaceas, Shiny Objects and the Importance of Managing Risk in a Healthcare Environment – Part 2

Healthcare CIOs, CISOs, and other information risk management leaders face daunting challenges when it comes to deciding where to apply their limited resources to make the biggest difference in their organization’s cyber risk posture. As I mentioned in my previous post, healthcare security leaders can be tempted by shiny new objects – i.e., new security tools – that promise to be the panacea to their most pressing security problems. Cyber...

Read More