In 2004, the Department of Homeland Security (DHS) declared the month of October National Cybersecurity Awareness Month. At this time:

  • Apple’s iPhone was three years away from being released
  • Google had just become a public company
  • The majority of healthcare information still sat in file drawers.

More than most, DHS was acutely aware that we would come to rely on the internet as our primary mode of communication and trade. It was important to draw attention to the value of keeping data secure.

Fast forward to 2009. While some providers had already begun adoption of EMRs and other online tools, the 2009 HITECH Act accelerated the pace of moving healthcare data into the digital space. That same year, the Virginia Prescription Drug Monitoring program claimed the dubious distinction of being the first widespread health data breach, with 8 million patient records and 35 million prescriptions targeted.

Healthcare’s cybersecurity posture is measurably improved today, yet the amount of data moving through the healthcare system has grown exponentially. From EMRs to patient monitoring devices and telehealth solutions, caregivers have a range of data-driven tools to help them deliver better outcomes at lower costs. But keeping that data accessible, safe, and protected is a challenge. Healthcare breaches are a daily occurrence.

National Cybersecurity Awareness Month reminds us that hospitals and health systems are custodians of precious patient information, and they have a clinical, ethical and legal obligation to keep data safe and secure. Amidst the daily blocking and tackling of cybersecurity, the annual event reinforces our commitment to helping clients preserve their custodial obligation.

Here’s to a safe, secure month–and year–ahead.