In the US, there have been over 30 Million records breached between 2016 and 2017. Exploits like these are possible when data is under centralized control.
When you think about it, Facebook controls access to every piece of information about you. In this specific exploit, the software allowing a user to view as another account, didn’t even affect the user who used the feature, it was someone else’s.
The software itself has access to everyone’s information, and now the scope of attack becomes extremely large, impacting what might grow to even more than 50 Million records.
The same type of software that can access anyone’s personal information is what is being used in healthcare today.
The threat for Facebook type breaches in healthcare only increases as provider consolidation continues into 2019 and data storage and EMR companies like EPIC, dominate the market and create larger pools of data.
Companies like EPIC, Anthem, Blue Cross and even the small practice owner don’t want the responsibility of your data because they know they will get breached and their reputation will be tarnished on top of the financial implications.
After being exposed to network and data security for the better part of 24 years, I truly believe that cyber security teams are always going to be reactive in nature. Any time new software is released, there is the potential of a new exploit being created.
The world needs more disruptive innovation and this will surely create more vulnerabilities, but we can’t stop.
Through our research of healthcare blockchain use cases, we’ve found blockchain technology to be extremely effective at mitigating data breaches by using smart contacts between data consumers, data owners, and the data itself.
Smart contracts can have conditions that ensure the data consumer meets certain requirements (e.g. accreditation), the data owner has to approve, and in some cases, the information is shared anonymously. The transactions are recorded in an immutable ledger and the data can never be changed.
Decentralized blockchain’s and distributed ledger technology are being used to create a digital twin that only contains personal health informs of a single user.
In layman’s terms, there is a very tightly controlled key, that is nearly impossible to hack using to total computer power on earth today, and it only allows access to a single persons information.
The final data is also encrypted with a different key that creates a lot of financial and resource burden on a bad actor, just to get a single record?
This is why healthcare companies are looking into blockchain.
Since exploits and breaches are always going to be around, what we need to do is limit the number of records leaked in a single attack.
This way, your data it’s not jeopardized by any other provider, administrator and support accounts where your data is used and stored.