Between 2018 and 2019, the US healthcare industry experienced a five-fold increase in patient data breaches, with hacking accounting for more than 88 percent of them. More than half of the targeted entities were healthcare providers, primarily due to inadequate investments in cybersecurity and the negligence of unsuspecting employees.
Patient data is sacrosanct for the healthcare industry given its highly sensitive nature. In fact, patient Electronic Health Records (EHRs) are priced 10 times higher than credit card information on the dark web. Given that healthcare data is a lucrative target for cyber attackers, healthcare CXOs need a guided approach to secure their patients and enterprises against cybersecurity threats.
Healthcare enterprises are becoming increasingly vulnerable to attacks as patient-centric care takes center stage and care delivery models such as mHealth and remote monitoring become commonplace. So, they must identify their crown jewels – patient data, care delivery applications, and medical devices, among others – across the value chain and allocate their cybersecurity investments accordingly. To do so, they need to contextualize threat intelligence, understand attackers’ behavior and intent, and make appropriate investments in cybersecurity to increase preparedness and reduce response time in the event of a breach.
To hack-proof their estates, healthcare enterprises need to adopt a value chain-led view to identify and alleviate cybersecurity concerns across four areas:
Here’s an example of how a healthcare provider can prioritize its IT security investments in accordance with its business priorities by taking a value-chain view.
Once healthcare enterprises have identified what to do to bolster security across the value chain, they need to think about how to do it. We recommend a three-phased approach:
US-based Trinity Health adopted an enterprise-wide data security strategy in the aftermath of the WannaCry ransomware attack in 2017. It implemented an asset management plan to govern its connected devices and networks to improve its response to adverse events. It also instituted an event response team to isolate, contain, and deploy patches when threats were identified. Realizing that its employees could also be vulnerable targets, Trinity Health initiated exercises to help them recognize and respond to cybersecurity threats. And that’s not all; it also leveraged the National Institute of Standards and Technology (NIST) Cybersecurity Framework to redesign its procurement process, technology and security assessments, and supplier evaluation responsibilities to recover in case of actual emergencies.
In an industry committed to digital transformation and increasingly embracing patient-centric care, healthcare providers must devise a well-thought-out cybersecurity strategy to protect their crown jewels across the value chain. This is the only way they’ll retain patients’ trust, drive brand value, and ensure better outcomes for all stakeholders involved.
A couple of weeks ago in San Francisco, J.P. Morgan’s 38th annual Healthcare Conference brought together leading pharmaceutical, healthcare, and medical devices firms, global service providers, technology vendors, emerging start-ups, and members of the investment community. Because this conference happens so early every year, it usually sets the tone for the healthcare ecosystem each year.
Here’s our take on the top themes addressed during the 2020 conference.
Because 2020 is a US presidential election year, it’s no surprise that rising medication costs was a contentious topic of discussion at the conference, particularly as: several candidates are promising lower prescription drug costs; spending on drugs constitutes about 10 percent of the national health expenditure in the US; 25-30 percent of US patients find it difficult to afford the cost of their prescription medications; and, drug/device efficacy and health outcomes haven’t been improving in line with increasing prices. A recent Kaiser Family Foundation survey found bipartisan support for government action to lower prescription drug costs. And the government, healthcare payers, and patient groups alike are pressuring life sciences firms to take on more financial accountability and reconsider how they price their products.
From a services delivery perspective, we believe all this turmoil is creating a perfect environment for the adoption of innovative value-based payment models in the pharma industry. To support value-based contracts and orchestrate an integrated technology ecosystem to enable collaboration and transparency among patients, life sciences firms, and healthcare payers and providers, IT service providers will have to build capabilities like solutions for risk analysis, value analysis, and reward analysis, blockchain-based smart contracts, and IoT-based patient data capture.
With consumerism gaining ground in healthcare, health insurance program members and patients are demanding increased engagement, control, convenience, quality, and affordability. Thus, there were multiple discussions at the conference on digital health and wellness apps that operate outside of the realm of actual care delivery but augment caregivers’ abilities. There were also numerous sessions on why challenges such as outdated reimbursement and payment models, inadequate technological infrastructures, restrictive policies, resistance to change, and a lack of financial incentives have to be solved in order for telemedicine and telehealth options to be truly viable.
Although there are many obstacles, we’ve already seen some positive results from the implementation of telemedicine/telehealth in the form of cost savings and a vision for expanded care in the long term. At the same time, we believe the ecosystem is struggling to evolve a truly sustainable business model in consumer and digital health. Examples of these struggles include players like 23andMe, which laid off 14 percent of its staff in the wake of declining DNA test sales and is tightening its focus on the direct-to-consumer business and its therapeutics arm, and Proteus Digital Health, which is winding down its $88 million deal with Otsuka Pharmaceutical as it pivots toward oncology and infectious disease treatment adherence.
The healthcare industry’s ever-growing repository of untapped data, from both clinical and non-clinical sources, may finally be a part of monetization use cases in the near future. Some conference participants referred to this unexploited data as “the oil of healthcare.”
The real question is if organizations will have the right resources to make data liquid, available, and accessible to the right stakeholders at the right time. In our view, the emergence of data exchange platforms (such as one announced by Amazon – AWS Data Exchange) can spur revenue generation for companies holding data assets; but that can only happen once the challenges around defining data integration, managing heterogeneous data, and extracting value from data are solved. At the same time, healthcare companies, researchers, and innovators may begin to realize improved innovation with requisite data up for purchase through data exchange platforms.
BigTechs Like Amazon, Apple, Facebook, and Google already have a track record of disrupting major industries such as retail and telecommunications. And because patient-/member-centric solutions are in high demand among resource-strained enterprises, these technology giants are now invading the lucrative healthcare industry, and many have already made and announced significant investments for transforming the industry.
At this point in time, the BigTechs aren’t competing with incumbents. Rather, their current market share lies largely outside the traditional scope of the healthcare industry (payer, provider, pharmacy benefits manager, etc.), in areas such as data and analytics, consumer devices, and transportation services. However, partnerships, like Google’s recently announced relationship with Ascension, can expand their role.
Here’s an illustration from our recent BigTechs in Healthcare: Reimagining the Ecosystem study that analyzed 11 large technology firm’s (Amazon, Apple, Facebook, Google, IBM, Lyft, Microsoft, Oracle, Salesforce, SAP, and Uber) investments in the healthcare industry The study took an objective look at the many ways BigTechs are impacting healthcare.
Please contact us at [email protected], [email protected], and [email protected] if you’d like to hear more about these themes from J.P. Morgan’s Healthcare Conference, or learn more about our “BigTechs in Healthcare: Reimagining the Ecosystem” study.
Total hospice care and physician & clinical services spend: administrative spend and care-related spend
© 2011-2023 Everest Global, Inc. Privacy Notice Terms of Use Do Not Sell My Information
"*" indicates required fields
