Despite Security Threats, Data Continues to Save Lives

Last week, any fears we had about our personal health data being safe were intensified when the records of tens of thousands of psychotherapy patients in Finland were stolen. [1] As if this wasn’t enough to increase our anxiety, these confidential records were used to blackmail over 40,000 patients.

This is an alarming breach of patient privacy, but let’s take a step back: it is often only shocking events such as this that are reported in the news. What about all the good that comes from electronic health records (EHRs) and sharing our data?

Image by Grae Dickason from Pixabay

Image by Grae Dickason from Pixabay

Not forgetting the benefits of data sharing

Some of the key benefits of sharing our data include:

  • Sharing data enables healthcare providers to work more efficiently and to provide personalised care that best meets our needs [2]

  • Sharing data with clinicians and researchers has led to breakthroughs in drug development, improved communication between patients and healthcare providers, and enabled the development of more efficient clinical systems. [3]

  • EHRs offer a safer way to make prescriptions as records are kept up to date. [4]

Patients with mental health problems, in particular, can benefit from EHRs. For example, homeless individuals in Bristol, UK, welcomed the use of EHRs because it meant they no longer had to recount their traumatic experiences with every new doctor. Instead, with their permission, the new doctor could simply access their records and then focus on providing the most appropriate support. [5]

What are the key lessons from the Finland scandal?

By highlighting the benefits of data sharing, the severity of data breaches such as the one in Finland are not being ignored. In fact, such incidents do need to reach public awareness if they are to offer lessons.

So, what can be learnt from the hacking that took place in Finland?

  • Maintaining up-to-date security tools and firewalls is vital to preventing possible attacks.

  • Patient data should be protected using secure encryption protocols. This ensures that when patient data is being shared across different departments or organisations, the files are not linked to any personal information such as name and address.

  • It should be mandatory for all official personnel with access to patient files to use strong passwords and change them at specified intervals.

  • If a data breach does occur, a good data breach mitigation plan can minimize damage and via contingency plans that help protect patients. [6]

So, after this, should I still be sharing my data?

This is an individual choice. However, even with the threat of cybercrime, it is important to understand that the benefits of sharing data far outweigh the risks. Continued research and development in healthcare are dependent on data shared from patient records and data from patients who have taken part in clinical research. This is why many organisations are beginning to incorporate cybersecurity measures earlier when developing devices and software that is used to collect and store patient data. Furthermore, all data-sharing companies are legally required to protect patient privacy [7] and the European Data Protection Board (EDPB) regularly updates and enforces regulations that ensure patient information is kept safe. [6]

[1] Jarkko Sipilä. “Patients in Finland Blackmailed After Therapy Records Were Stolen by Hackers.” 2020. CNN. https://edition.cnn.com/2020/10/27/tech/finland-therapy-patients-blackmailed-data-breach-intl/index.html

[2] Shaun O’Hanlon. “Why Data Sharing Matters for Excellent Care.” 2017. NHS Confederation. https://www.nhsconfed.org/blog/2017/05/why-data-sharing-matters-for-excellent-care#:~:text=Quite%20simply%2C%20sharing%20data%20is,tangible%20benefits%20of%20data%20sharing

[3] “Shared Medical Records — The Pros and Cons.” 2019. Concorde. https://www.concorde.edu/about-us/blog/career-tips-advice/pros-and-cons-of-sharing-medical-records

[4] “Advantages of an EHR For Behavioral Health Care.” 2017. Checkpoint. https://checkpointehr.com/advantages-of-an-ehr-for-behavioral-health-care/

[5] Rachel Pugh. “The GP Practice Sharing Data to Transform Care for Homeless People.” 2017. The Guardian. https://www.theguardian.com/healthcare-network/2017/feb/22/gp-practice-sharing-data-transform-care-homeless-people#comments

[6] “How Secure Is Your Data? Assessing and Mitigating Risks for Electronic Health Records.” Health Informatics UIC. https://healthinformatics.uic.edu/blog/how-secure-is-your-data-assessing-and-mitigating-risks-for-electronic-health-records/

[7] “Cybersecurity and Cyber Resilience – Security and Cybercrime.” I-SCOOP. https://www.i-scoop.eu/cyber-security-cyber-risks-dx/

Dr. Nicola Davies

Nicola_Davies.jpg

Nicola Davies has her PhD degree in Health Psychology and she is a consultant medical writer. She is also a member of the editorial board of Data Saves Lives.