Barry Cashman, Veritas Technologies, looks at how digital transformation can shape better patient care in the NHS
Digital transformation is not a new concept to the healthcare sector, but it has ramped up significantly over the past two years.
According to Deloitte, as a result of the COVID-19 pandemic, over three-quarters (78%) of UK clinicians say their organisation has increased digitalisation to support their way of working. Meanwhile, four-fifths (80%) say their organisation has utilised digitalisation to boost virtual support for patient care pathways.
Indeed, in its 2021 guidance, the NHS outlined its aim to deliver at least 25% of services by telephone or video consultation where outpatient attendances are clinically necessary.
Securely digitising an organisation as mammoth as the NHS is no mean feat, and this has proven a logistical challenge for healthcare IT. In fact, although the NHS committed to a paperless goal by 2020, targets set out in the ‘Five Year Forward View’ were missed. But this doesn’t mean the benefits have been forgotten.
Telemedicine solutions and paperless initiatives can vastly improve patient experiences and reduce the much-dreaded NHS wait times, while freeing up resources and minimising the burden on clinicians, hospitals and A&E departments.
However, healthcare organisations and providers must ensure that the digital systems that are being increasingly relied on are secure. Given the highly sensitive nature of medical records, data that flows across these channels must be protected so that patient confidentiality is honoured, and healthcare services can continue uninterrupted.
So how can this work in practice?
Reducing ROT and taking ownership of data
Healthcare professionals are now increasingly using computer systems to log medical records, as well as communicate with, and help treat, patients. Remote consultations will likely take place via video conferencing tools and result in new patient data being uploaded to the central IT system. This data may also be transferred between departments and Trusts using other cloud-based collaboration tools.
In order to ensure data is kept secure, healthcare providers need to have full visibility of all of their data – whether it sits in data centres, in the cloud or in paper records – and have processes in place to eliminate redundant, obsolete and trivial (ROT) data. Standardising on a set of collaboration and messaging tools that meet the needs of the NHS can help limit further data sprawl. Creating policies for information sharing can help control the sharing of sensitive information, while educating employees on these new policies and tools being deployed can limit the chance of accidental data breaches.
There is often a misconception that cloud providers will protect organisations’ data in the cloud, but the onus is on healthcare providers to protect its own data, regardless of where it resides. Implementing a single data protection platform that can operate across the entire data estate – both in your data centre and the public cloud – is the only way to ensure data is safeguarded.
The cybersecurity threat
Digitising patient data brings with it many great opportunities for improved productivity and patient care, but it also comes with the great risk of cyber threats. Unfortunately, given the sensitivity of the data they handle, hospitals are in a unique and precarious situation when it comes to potential cyberattacks.
Attacks often have obvious repercussions like financial risk, but for the NHS, such attacks that grind systems to a halt for hours, days or even weeks, also have the potential to put lives at risk if patient data is unable to be immediately accessed in urgent scenarios. The WannaCry cyberattack on the NHS in 2017 was a stark reminder that hackers with sophisticated software can put data and lives at risk.
The more emergency and healthcare services rely on data, the greater the impact that hackers can have by interfering with it, and the more likely their victims are to pay to get their systems back online. And this has driven the explosion in ransomware that we’ve seen over the last year.
Surviving any kind of ransomware attack always starts with understanding your data – what it is, where it is and what it’s worth. This enables strategic data protection – but also gives healthcare providers the information they need to respond effectively to extortion attacks. The ability to refuse payment of a ransomware demand requires confidence that the risk has been contained – data can be restored without paying, and no data of any value has been stolen. That means having reliable backups and being able to isolate all valuable data. If a ransomware attack is a matter of ‘when’ rather than ‘if’, knowing ‘when’ becomes absolutely critical. Fast anomaly detection, that can allow both accurate recovery point identification and protection against exfiltration will help minimise the impact of a successful attack.
Balancing the risk-reward
As digitalisation continues, telemedicine and paperless initiatives will be an important part of the future of healthcare. The convenience digital healthcare offers for both patients and clinicians, means that as long as they are secure, technology solutions can be increasingly relied on. But using these tools and resources does not come without risks.
By ensuring that their security measures keep pace with the new technologies they implement, healthcare providers can reap all of the rewards of digitalising patient services, while keeping the risks of data breaches and attacks at bay.
