Healthcare’s strategic balance: Innovation and compliance
In 1250, the magnifying glass was constructed by Roger Bacon. This simple invention, originally constructed as a convex lens for scientific purposes, found its way to the medical field by 1280 as lenses to correct farsightedness.
This early medical advancement is part of a long list of milestones that have transformed healthcare as we know it, says Scott Whyte, chief strategy officer, Cleardata. In fact, some healthcare organisations have now moved from magnifying lens to using Google Glass to assist with surgeries.
From a patient perspective, medical innovations can be seen at our fingertips with the ability to access medical records on smartphones, using an app to remind us to take our daily medicine, or even track our vitals on a wearable device.
From the professional side, healthcare providers and payers have found themselves in a unique position to leverage technologies and available knowledge to improve patient care more than ever before. Healthcare organisations now have the ability to use apps on an iPad to access disease progression or look at lab results virtually while collaborating with other specialists.
Despite these technological advances, healthcare organisations still come face-to-face with daily anxiety related to data security and compliance. This anxiety is real in healthcare because the consequences of a slight misstep are so serious. Patients’ lives and their long-term health are literally at stake.
Healthcare breaches are worse than credit card breaches
One of the major obstacle to innovating in healthcare is the terrifying prospect of data breaches. While cyberattacks present a risk to virtually every major industry, hackers are particularly eager to target healthcare records. To thieves and bad actors, an electronic healthcare record is potentially worth as much as $1,000 (€865.92) whereas a stolen credit card is worth an average of 25¢.
Not only are the attacks more fierce, the penalties once attacked are severe. Take, for example, the health insurance giant Anthem, which recently agreed to pay a record $115 million (€99.57 million) to settle lawsuits related to a breach that jeopardised data relating to millions of its members. Governments are also ramping up pressure on healthcare organisations by tightening regulations.
A sweeping new privacy law in the European Union, known as General Data Protection Regulation (GDPR), expands citizens’ rights to their data and grants individuals the ability to demand organisations to erase their information from their database.
Failure to adhere to the new regulations or one’s request to be forgotten will result in major fines. States in the U.S., notably California and Vermont, are also enacting tough new privacy regulations paired with harsh penalties. In fact, California just passed a sweeping consumer privacy law in June of this year and will be fully implemented and effective by January 1, 2020.
The daunting regulatory landscape and the omnipresent threat of cyber attacks have understandably led many healthcare organisations to view innovative approaches to care with caution. Some fear the looming burden of security and compliance makes it difficult for organisations to innovate or scale in ways they would like. But there are ways to innovate within compliance and security frameworks which several organisations are succeeding at.
Collaboration drives innovation trust drives collaboration
In fact, I would argue that most of the innovation in healthcare is being driven by breaking down silos. We see collaboration within and between organisations as the key to healthcare breakthroughs. Take providers who partner with payers to share patient information that delivers demonstrably improved patient care and reduced waste or with pharmaceutical organisations to create digital therapies and solutions around their drugs.
This unprecedented scale of collaboration requires sharing extremely sensitive patient information which, in return, requires unprecedented trust. When an organisation demonstrates deep commitments to security, privacy and compliance, they become a more trusted partner for collaboration.
The way forward for healthcare organisations is to bridge the gap between innovation and compliance to include privacy, security and compliance by design in their cloud solutions. With new offerings coming to market every day, like our new multi-cloud solution that allows healthcare businesses to leverage the strengths of varying cloud-based platforms and technologies for their unique business needs, these issues are made priorities from the very start.
The key for all healthcare organisations, from providers and payers to medical device companies all the way to research and pharma, is to partner with compliance experts who know how to set up a managed cloud to ensure that any changes made within the cloud will not run afoul of regulations or jeopardise patient confidentiality. Only when privacy, security, and compliance are included by design will trust and collaboration flourish, and thus enable leaps in innovation.
What will healthcare organisations gain from such an approach? For starters, they will prove to collaborators, patients and members that they take compliance and privacy seriously. More importantly, however, they will be able to dedicate more time to innovating new approaches and technologies that allow them to deliver better care at a lower cost, which is what the global healthcare system desperately needs.
The author of this blog is Scott Whyte, chief strategy officer, Cleardata.