3 ways Altera’s Platform of Health will meet the security needs of the future
As a security professional I’m sometimes accused of being “the boy who cried wolf,” but if my colleagues saw the number of attacks any modern healthcare network or system undergoes every day, and if they knew how easy it is to buy the information taken during those attacks on the open market, maybe they would lighten up on the accusation.
The systems we use to deliver healthcare today were built on top of systems from the 1990s, which were built on systems from the 1970s, which were based on paper forms. How we create, connect and share medical information has changed drastically and only those who can realize the flexibility and security of today’s more modern systems can thrive over the next several years. I firmly believe that how we build, deploy and support these systems across the healthcare ecosystem will continue changing over the next three-to-five years and those changes will help us position our clients for better outcomes and deliver an improved experience while protecting our networks, our data and our identities.
The Platform of Health is an example of how we can leverage modern technologies to create that future. While my colleagues will talk about the other benefits of the Platform of Health, such as faster time-to-market or scaling to meet a nearly unlimited demand, I’m going to discuss how this new ecosystem goes a step further with advantages in security, privacy and compliance. Here’s a look into how the Platform of Health reimagines the way we gather, protect, and exchange data.
First, consider how the traditional way of gathering data from a patient has changed over only the past 10 years. While we tend to think of a patient’s room in a treatment facility as having only a single workstation, in truth, a common treatment room could include another 15–20 computing devices, and that’s just on the provider’s side. Remember, much of the innovation happening in healthcare today is being added to our cell phones, wearables and home health devices. When you add those to the picture, you can see that the old way of connecting, collecting and interpreting data that we’ve used so far simply won’t cut it. To meet the treatment needs of the future, we need platforms that respect the flexibility offered by mobile devices, the simple connectivity of modern web architectures and the risk awareness of a multi-level, security protection and monitoring ecosystem. This will protect our sensitive data (including our identities) even as that data is soon to be shared in new ways that we aren’t even aware of today.
The Platform of Health is designed to encompass all of these aspects of a modern healthcare-delivery and outcome-improvement platform. Our approach begins with understanding the first principle that today’s user—whether it’s a patient or a provider or a payer—may not be in front of a desktop computer. Mobile data delivery offers the flexibility of access nearly anywhere and the Platform of Health is designed to offer these interactive, user-friendly experiences that are secured by several levels of defense and end-to-end encryption, all while leveraging respected identity-management protocols to prove and protect your (and your patients’) sensitive information.
But what about how data is protected within the system? While we typically think of data protection in terms of building good perimeter defenses and strengthening who can access data, that approach won’t do much in the near future. For example, you’ve probably heard about many teams adopting machine learning to recognize patterns in their data. When you’re embracing machine learning, you need to think about protecting those models against corruption from malicious attackers who can poison the training data you’re using. You need to think about how to measure “drift,” the eventual differential between the effectiveness of your model’s analysis over time (as it is exposed to more and more real-world training data). And you need to think about how to measure bias—something that every ethical AI researcher can tell you is on the front of their mind every day.
The Platform of Health offers built-in tools to understand these nuances of machine learning and share risk related to these aspects of machine learning to your research team as well as your security experts and compliance teams. Those who just “use” machine learning without investing in the underlying infrastructure, tooling and process-control to provide a “platform-centric” approach are going to have a hard time when talking to their lawyers (for cybersecurity risk insurance), their clients (when talking about long-term efficacy of the models) and their auditors (when asked how a given recommendation was decided internally).
Finally (at least for the purposes of this piece), the Platform of Health will provide you with something that is well-established in other industries but not quite as mature in the healthcare space: good data governance. I’m referring to the ability to know where your data came from, who touched it and altered it, and how it is shared across the entire healthcare ecosystem. It will enable you to not only have this data provenance, but also will help categorize it faster (for better analysis and decision-making), classify it (for better risk management) and monitor it (for better security controls and compliance reporting).
The healthcare delivery market today requires lots of data to be exchanged between its stakeholders, and the healthcare delivery market of tomorrow will have to embrace that those stakeholders can be in the same room as well as across the world and share data responsibly and safely with the proper context and auditing to make decisions easier while still being secure and compliant. Altera’s Platform of Health is designed with these considerations at the forefront, and I’m proud to know that this level of security is being included in that design. As we continue forward, I’m confident our security measures will help all of our clients keep their patients’ data safe, and ultimately achieve better clinical and operational outcomes.