Advance the promise of digital health with cybersecurity

Advance the promise of digital health with cybersecurity

Advance the promise of digital health with cybersecurity

  • Posted by Jim Jordan
  • On September 8, 2022

Technology advancements are often out of sync with the systems and policies that support them.

Ramayya Krishnan, an expert in digital transformation and the Dean of Heinz College of Information Systems and Public Policy, often shares this sentiment and stresses the importance of investment in accompanying policy and cybersecurity systems to support technologies so they may be adopted by society.

Driverless cars are an example of technology advancing faster than society can sync its policies and laws. How do we make it safe? What is the definition of safe? Who pays when there is an accident? Is the car insurance industry responsible, or is it the manufacturer? If so, does the price of a self-driving car need to include the price of this risk to the manufacturer?

Integrating patient information not within the traditional electronic health records requires the involvement of other intermediaries and data brokers to bring together the broader view. However, by integrating non-traditional information with health information, these data brokers open themselves to new regulations such as HIPAA. This brings additional legal and financial risk to their business models. Is the new revenue opportunity worth their risk? Not sorting through these risks at the policy level may be a significant disincentive for them to participate in healthcare. Yet, by all counts, having this information available could greatly benefit society.

Cybersecurity, like national defense, cannot be left to market forces.

Economists will often use national defense as an example of a market that is not served well through traditional market forces of supply and demand. The issue is that the time it takes years, if not decades, to build the infrastructure, advance technology, and recruit and train personnel. You can not expect to invest and see a capability in the short term.

As we have discussed, cybercriminals are mainly motivated by the high return of health records. It is worth their investment to evolve their technology and methods continuously. Cybersecurity is in a continuous battle of anticipating and reacting to these cybercriminals’ changing technology and tactics.

Under such circumstances, the natural tendency would be to create a closed-loop system, yet this tactic to thwart cybercriminals detracts from the broader societal benefit of a digital health system.

The government’s 2023 budget includes an 11% increase for cybersecurity; this budget includes $11 billion for civilian cybersecurity and $175 million for privately owned infrastructure.

For private companies, an investment in and a reputation for solid cybersecurity is an investment in the brand.

AT&T Cybersecurity illustrates this point in their recently published blog titled, How does robust cybersecurity add value to a business?

This blog provides insight on the potential financial return from this investment, noting that the average breach costs $4.35 million in 2022 and that companies using AI technologies in their cybersecurity lose, on average, $3 million less per breach.

Notably, a strong cybersecurity reputation draws business partners and customers. A PwC report notes that more than 80% of consumers surveyed wished they trusted more companies with their data.

These trends apply to B2B markets seeking to improve their security to attract and retain customers. They will require more robust cybersecurity from their partners and vendors. Consequently, B2Bs that can promise increased security will be more valuable to potential clients. Those who bring risk will be dropped.

How long before the stock market starts dialing cybersecurity reputation and risk into public stock prices?

What can hospitals do to advance the promise of digital health with the increasing dilemma of increased cybersecurity risks?

When it comes to cybersecurity, hospitals have a lot to consider. They need to protect patient data, maintain HIPAA compliance, and prevent attacks that could jeopardize the safety of their patients. However, they also need to adopt new technologies, like cloud computing, that can improve patient care and make operations more efficient. So how can hospitals find a balance between these two competing priorities?

Hospitals can do a few things to ensure they get the most cost-effective cybersecurity possible. First, they should assess their risks and needs to identify which security measures are most vital for them to invest in. Second, they should look for ways to automate their security processes whenever possible. And finally, they should partner with a trusted cybersecurity provider that can help them implement and manage comprehensive security solutions. By taking these steps, hospitals can ensure they’re doing everything possible to protect their patients and staff while still taking advantage of the latest digital health technologies.


While it is clear that we need to make significant advancements in the area of cybersecurity, it is also evident that digital health can bring about great improvements in patient care. Hospitals and healthcare providers must continue to move forward with the promise of digital health while being ever mindful of the increasing risks posed by cyberattacks. With careful planning and a focus on security, we can ensure that patients reap the benefits of digital health while remaining safe from harm. What are your thoughts on this issue? How do you think hospitals can best advance the promise of digital health while mitigating cybersecurity risks?