This Week in Health Tech

Focusing on Security and Privacy in the New Normal

August 19, 2020 Vik Patel and Jimmy Kim Season 1 Episode 21
This Week in Health Tech
Focusing on Security and Privacy in the New Normal
Show Notes

In this episode of TWIHT, Vik and Jimmy comment on security and privacy in this new normal of COVID-19 crisis.
We start by talking about the latest in health tech. Vik talks about digital strategy: telehealth, AI, mobile apps, and how healthcare systems in the middle of the COVID-19 crisis are having to figure out how to update their strategy and make use of innovative tools.
Jimmy compares similar situations in the fitness industry. It's all virtual. Vik agrees, that lot of patient care can happen virtually and it continues to grow.
But again that is why we wanted to talk about security and privacy concerns with the new virtual and remote services.
We start with the tracing apps. Vik provides an example with Norwegian public health who developed a mobile tracing app and was pushed to the public. However, the Norwegian privacy and security agency indicated that the app did not comply with the privacy laws, and the Norwegian tracing app had to be suspended. They were forced to delete all the data collected via the tracing app.
Jimmy reminds us that we discussed the confusion around the data governance and policies in the last episode w/ Unmesh in the future of healthcare episode 19 of TWIHT.
Vik and Jimmy then talk about working from home and authentication from home. This is where multi-factor authentication can provide added security for access to networks or apps.
Security is an even bigger concern because the percentage of employees working from home is way higher than before COVID-19 times.
Vik mentions that the biggest way hackers get access to networks is through phishing emails. Especially, nowadays, hackers will use COVID-19 related phishing emails to lure people into clicking links to download or log in or filling out a form. It looks legitimate and when you are not working from home, your guard is down, so it is easier to become a victim to phishing emails. Jimmy mentions a couple of people that did fall victim to these phishing emails and these are educated people who are aware of phishing emails.
Jimmy and Vik talk about security tool examples like Microsoft security center with Microsoft 365 and Azure. There are alerts available that are customizable. It monitors the pattern of traffic and app usage and alerts users if the network or app usage is outside of the norm.
Vik mentions that they are seeing increased demand of test automation especially with increase in enhanced digital strategy. He mentions examples w/ telehealth, a mobile app for COVID-19 testing, or patient-centric apps for accessing information. Using test automation, it is possible to test and validate applications against hundreds of combinations of devices and browsers.
Test Automation also helps the testing and validation of web and mobile applications as they are updated with continuous and regression testing. It is important not just for user experience but also for security and privacy to make sure all healthcare apps are thoroughly tested and validated.
Vik comments about disaster recovery but in this new normal, it is also necessary to think about how will organization deal with the loss of key personnel in a department example loss of a key integration engineer or system administrator. This is why documentation and disaster recovery drills are very crucial.
Jimmy and Vik then comment about ransomware attacks and how the number of attacks has gone up. A lot of these ransomware attacks start with phishing emails. They talk about an example of UCSF healthcare ransomware at

Support the show

Listen to all This Week in Health Tech episodes
Vik Patel - LinkedIn
Tido Inc. - Website
Tido Inc. - LinkedIn