In a recent correspondence, the researcher highlighted the outsized role of online tools in promoting public health, especially during this time of the pandemic.1 Despite the various policies from the government in a bid to contain the virus, many health care industries in the developing world have been disrupted.
One of the sectors that have grown in response to this global health crisis is the telehealth industry. The World Health Organization considers telehealth as synonymous with telemedicine. The role of the delivery of health care services through health care professions utilizes the information technologies to diagnose, treat and prevent a myriad of diseases, educating health care providers and advancing individual and community health.2 Its role in decreasing infection by facilitating physical distancing and the ‘forced’ adoption of various telehealth measures have made the discussion on its present and future role much more important for public health.
Given the worrying trend of increasing ransomware attacks on the health care sector, the adoption of telehealth must be cautious. Tenable, one of the biggest cybersecurity firms in the world, disclosed in its January–October 2020 report that more than 22 billion records have been exposed to 700 publicly disclosed data breaches. As the health care sector is the most affected, health infrastructure has a much critical role to play. The greater demand in health care services, especially remote ones, created multiple entry points like contact-tracing apps, providing medical data to research facilities and improve medical manufacturing for malicious actors to disrupt.3
These hackers begin to increase their attacks on the health care sector for a variety of reasons: one, the lucrative black market selling of personal health information (PHI). This is defined as data, such as medical identification numbers, health insurance, mental health records and admission and discharge dates, that are more specific and cannot be changed.4 Second, the personally identifiable information (PII). This includes credit cards and government ID numbers that can sell for $1–2, while PHI can sell for $363. These are used by criminals to defraud and scam victims. They produce counterfeit insurance claims and illegally obtain access to medicines that they otherwise would not get.5 IBM Security already has reported that the health care industry has the highest average cost of $7.13 million data breach in 2020 that increases more than that of the global average6 and was believed to continue to rise in the future.7
In the Philippines context, analysis from cybersecurity firm Kaspersky in 2019 shows that the country ‘had the most number of infected medical devices in Southeast Asia’.8 This shows the severity of the issue, and the Philippines government has attempted to address by allocating more than P1 billion for cybersecurity for 2021.9 The local data showed no rise in the average percentage of IT budgets spent on the cybersecurity, from local firms.10 A multi-sectoral framework could be proposed to mitigate cybersecurity risk, especially for health care firms, and establishing a culture of security should be the first step for health care companies seeking to protect their data from malicious actors.11
Acknowledgements
No funding was received from this paper.
John Christopher M. Camarines, Alumnus
Contributor Information
Teresa M Camarines, De La Salle University Integrated School, 2401 Taft Ave, Malate, Manila, 1004, Philippines.
John Christopher M Camarines, De La Salle University, 2401 Taft Ave, Malate, Manila, 1004, Philippines.
Conflict of Interest
The author declares no conflict of interest in this paper.
References
- 1.Maravilla MI. COVID-19 survivors Philippines: towards the promotion of public health during the COVID-19 pandemic. J Public Health 2021;fdab200. 10.1093/pubmed/fdab200. [DOI] [PubMed] [Google Scholar]
- 2.World Health Organization. TELEMEDICINE in Member States. 2010. https://www.who.int/goe/publications/goe_telemedicine_2010.pdf (16 June 2021, date last accessed).
- 3.Quilan R. Healthcare Security: Ransomware Plays a Prominent Role in COVID-19 Era Breaches. 2021. Retrieved from https://www.tenable.com/blog/healthcare-security-ransomware-plays-a-prominent-role-in-covid-19-era-breaches (12 June 2021, date last accessed).
- 4.Iao K. Personally Identifiable Information: HIPAA Compliance Key Facts. 2020. https://www.paubox.com/blog/personally-identifiable-information-hipaa-and-pii-compliance/ (12 June 2021, date last accessed).
- 5.Center for Internet Security. Data Breaches: In the Healthcare Sector. 2021. https://www.cisecurity.org/blog/data-breaches-in-the-healthcare-sector/ (12 June 2021, date last accessed).
- 6.IBM. Cost of Data Report. 2020. https://www.ibm.com/security/digital-assets/cost-data-breach-report/#/ (13 June 2021, date last accessed).
- 7.Seh AH, Zarour M, Alenezi M et al. Healthcare data breaches: insights and implications. Healthcare (Basel, Switzerland) 2020;8(2):133. 10.3390/healthcare8020133. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 8.Chua K. 76% of Devices in Healthcare Facilities in PH Infected by Malicious Code. 2019. https://www.rappler.com/technology/features/medical-devices-philippines-malicious-infections-kaspersky-cybersecurity-weekend (12 June 2021, date last accessed).
- 9.Kabiling G. Gov’t Allots P1.2 B for Cybersecurity in 2021 Budget. 2020. https://mb.com.ph/2020/08/28/govt-allots-p1-2-b-for-cybersecurity-in-2021-budget/.
- 10.Business Mirror. IT Security Budget Stagnant Despite Rise in Cyber Attacks. 2021. https://businessmirror.com.ph/2021/04/01/it-security-budget-stagnant-despite-rise-in-cyber-attacks/ (12 June 2021, date last accessed).
- 11.University of Illinois Chicago. Cybersecurity: How It Can Be Improved in Healthcare. https://healthinformatics.uic.edu/blog/cybersecurity-how-can-it-be-improved-in-health-care/ (12 June 2021, date last accessed).