Healthcare Application Security: How to Protect Patient Data

Securing ePHI in the Age of Digital Health Tools is a three-part blog series that explores how healthcare providers can protect PHI and mitigate healthcare data security risks associated with patient engagement technologies by implementing the right security protocols. Read parts one and three now.

In the first article of our series on healthcare application security risks, we looked at the risks involved in healthcare supply chains and how weak points in these systems can pose huge cybersecurity risks to organizations. Mitigating these risks starts with the right vendor due diligence process. In this article, we’ll discuss healthcare application security and how organizations can ensure that their technical infrastructure is well-equipped to minimize the risk of threats, and how to manage threats when they arise.

Understanding Healthcare Supply Chain Attacks

In today’s healthcare landscape, patients are increasingly demanding a wide range of digital services from their providers. These services are often provided by third-party vendors, and it has become increasingly common to see these patient-facing applications gain access to electronic health records (EHRs), revenue cycle management (RCM) systems, and other key source systems. As software supply chains become more complicated and interconnected, providers have become increasingly vulnerable to damaging supply-chain attacks.

Healthcare Application Security Risks with Patient-Facing Tools

As cyberattacks continue to surge, IT application security in healthcare is increasingly critical. Working with patient-facing technologies can pose a number of healthcare application security risks. For starters, it can be particularly challenging for healthcare organizations to gain oversight of the entire software ecosystem. Knowing where the risks lie involves understanding potential weak points in the system, the relationships and integrations between different pieces of software, and, crucially, who has access to what data.

One common security risk occurs when healthcare organizations permit over-generous access permissions that allow multiple users to access large swathes of patient data. Beyond the technical flaws that exist with patient-facing apps, human error can also be a factor when it comes to over-generous access permissions. For example, this might involve allowing unauthorized parties to access electronic protected health information (ePHI) that they shouldn’t have access to – such as billing data when that party has no use for such data.

Finally, a failure to monitor for suspicious activity can be a major source of risk to an organization and its patients.


Best Practices for Securing Patient-Facing Healthcare Applications

To protect patient data, it’s crucial for healthcare organizations to implement clear protocols that give them as much oversight as possible and allow them to control access to ePHI and other sensitive data.

Apply the Principle of “Least Privilege”

When integrating systems with patient-facing apps, one of the main security issues is how users are authorized to those systems. Healthcare organizations should abide by the principle of “least privilege,” which holds that users should have the bare minimum access needed to perform their duties and no more. A thorough audit should take place when integrating systems to match user profiles across them, centralize authentication where possible using single sign-on (SSO) technology, and apply a standardized authorization policy between them.

Take the Zero Trust Approach

Nowadays, classic authorization and authentication are not enough. Recently, the White House released an executive order to improve the nation’s cybersecurity that revolves around the idea of “zero trust.” As stated in the executive order, “The Zero Trust security model eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses.” This means, for example, that in healthcare patient portals, the system should not trust an authenticated user by default, but should verify each action to determine if there is any unusual behavior that should be blocked when accessing PHI.

Map the Ecosystem

To gain the best possible oversight of potential entry points, healthcare organizations should create a map or inventory of third-party relationships. It’s important to note that, due to continuous software updates, this map can be altered at any time. In fact, supply chain hackers have been known to exploit software updates in order to infiltrate a system undetected. That was the case in the prominent SolarWinds attack, which saw an estimated 18,000 victims affected by a malicious software update in a network management system. For this reason, a living inventory and continuous audits are vital.

Add Additional Identity Controls

To ensure that admin, staff, and provider logins are well secured, health organizations should consider putting in place best-practice identity controls such as multi-factor authentication (MFA). This feature is vital for heightening the security of accounts that have access to a wide range of ePHI. Whenever possible, MFA should be implemented at both the patient and the staff user level.

Keep Data Backed Up

Valuable patient data is a prime target for cybercriminals, so it’s vital to keep this kind of data backed up, encrypted, and secured. These backups should be kept off-site so that they remain accessible in the event of a ransomware attack that disrupts access to an organization’s own infrastructure. One method leveraged by modern healthcare organizations is to use multiple HIPAA-compliant cloud hosting providers, which ensures that backups are kept on different, isolated systems. Automation tools can be employed to build “infrastructure-as-code” environments that can easily be replicated on either provider in case of a disaster.

Minimize Human Error

Having the best security protocols in the world means nothing if staff are unaware of security risks and how to mitigate them. One study found that 40% of respondents were unaware of the cybersecurity measures in place at their healthcare organization while 90% of healthcare staff working remotely during the pandemic did not receive any security guidelines or data privacy training before going remote. Well-trained staff are a crucial weapon in the fight against cybersecurity attacks.

Much like the continuous auditing and monitoring involved in working with third-party vendors, staff training is an ongoing process. With regular training sessions, employees should come to understand what it means to have access to ePHI and the importance of safeguarding this sensitive information.

Work with Security-Conscious Healthcare Vendors

With cyber threats on the rise, IT application security in healthcare must take higher priority. Healthcare organizations need to play an active role in mitigating security risks throughout their health IT infrastructure. By partnering with a patient engagement software vendor like Bridge that is well versed in HIPAA regulations and the highest standards of cybersecurity, this task can be made much simpler.

In the third and final article in the series, we take a much closer look at the ways in which patient engagement technology can pose security risks to healthcare organizations through inexperienced development, poor authentication processes, and features that do not comply with HIPAA. We’ll then list many of the features of secure and reliable patient engagement technology.

Read Part 3: Securing Patient Data: Cybersecurity Recommendations for Patient Engagement Technologies.

Pablo Bullian

Pablo Bullian (CISO) Pablo manages Bridge’s IT security policies and HIPAA-compliant hosting infrastructure. He holds an M.S. in Cybersecurity, is an associate professor of cybersecurity engineering, and holds various certifications in cybersecurity and networking.