• Technologies
    • Black Lotus Labs
    • Cloud
    • Edge Compute
    • Collaboration
    • Managed Services
    • Network
    • Security
  • Business Advice
    • 4th Industrial Revolution
    • Business Continuity & Disaster Recovery
    • Customer Experience
    • Data Driven Business
    • Operational Efficiency
    • Tech Trends
  • Industries
    • Financial Services
    • Healthcare
    • Gaming
    • Manufacturing
    • Media and Entertainment
    • Pharmaceutical
    • Public Sector
    • Retail
    • Technology
  • About Us
    • Leadership Perspectives
    • NewsRoom
  • Technologies
    • Black Lotus Labs
    • Cloud
    • Edge Compute
    • Collaboration
    • Managed Services
    • Network
    • Security
  • Business Advice
    • 4th Industrial Revolution
    • Business Continuity & Disaster Recovery
    • Customer Experience
    • Data Driven Business
    • Operational Efficiency
    • Tech Trends
  • Industries
    • Financial Services
    • Healthcare
    • Gaming
    • Manufacturing
    • Media and Entertainment
    • Pharmaceutical
    • Public Sector
    • Retail
    • Technology
  • About Us
    • Leadership Perspectives
    • NewsRoom

Healthcare Needs Open Data. Here’s How to Secure it.

JP Perez Posted On December 15, 2021
0


0
Shares
  • Share On Facebook
  • Tweet It

Healthcare-related business from clinics through to insurance providers and pharmaceutical companies face significant challenges in the coming years. They are changing the way they produce and access data, opening up new opportunities for supply chain efficiency, customer service, and patient care. The pandemic has accelerated this pressure to digitally transform. This has sparked a new era of application development in which software is more connected than ever. It also brings new security risks.

Healthcare is just one industry facing new requirements and challenges as it adopts open data policies. We’ve seen it in other sectors around the world as governments demand open access to banking and other data. For example, the EU’s European Open Science Cloud supports easier sharing of data within the research community, while in the US, Data.gov provides access to hundreds of open data sets.

Open APIs: a revolution in access to healthcare data

In the US, the healthcare industry is facing regulatory pressure to expose patient data via digital interfaces. The legislation to watch is the 21st Century Cures Act. Passed in 2016, this legislation includes several measures to promote better care for patients.

The Office of the National Coordinator for Health IT (ONC) published the Cures Act rule (also known as the Final Rule) under this law, forcing clinicians and hospitals to open up electronic access to health data via standardized application programming interfaces (APIs). These are interfaces designed for software applications to query each other across networks by communicating data in machine-readable form.

Exposing electronic health records (EHR) is a positive development for patients because it brings the process of free access to their data and opens the market to a wider variety of healthcare apps. Today, a small cadre of incumbents control access to EHR. As of 2020, EHR companies Epic and Cerner had over half of the total market share between them. Thanks to 21st Century Cures, that is likely to change.

The Final Rule defines an open API requirement based on a standard known as the Fast Healthcare Interoperability Resources (FHIR), created by healthcare standards body Health Level Seven International (HL7). The deadline for hospitals to make data available under the FHIR deadline is December 31, 2022.

Expect to see more third-party apps leveraging the open API and innovating with patient data: hospitals, pharmaceutical companies, insurance providers, appointment booking systems and even fitness apps.

Addressing the API security threat

While this development presents new opportunities for patients and app developers, it also introduces new dangers. Attacks on APIs are growing as criminals exploit weak API security to harvest information or take down services. Companies frequently consider API security an afterthought and leave old versions of APIs exposed, inviting intruders to rattle the doors.

Insecure APIs attract attackers in part because they support automated access. If a legitimate software application can make an API request, so can a malicious bot as it tries to take over an account, launch a denial-of-service attack, or harvest sensitive content. The threat is great enough that Gartner predicts APIs will be the most frequent attack vector by 2022.[1]

Healthcare providers and applications exposing health data must secure their APIs to avoid breaches. This means scanning and cataloguing existing APIs, removing obsolete versions, and protecting new APIs as they are added. It also involves implementing strong authentication, encrypting data flows, and selecting data outputs carefully.

Finally, these companies must implement proactive security solutions to detect suspicious activity and thwart attacks quickly at the source.

Lumen’s holistic approach to API security

This is where Lumen can help.

Lumen offers one of the broadest sets of application-layer security solutions on the market combining WAF, bot management and state-of-the-art API protection. Versatile and holistic, our application security solutions can help protect healthcare providers as they open EHR data to third parties, as well as new app developers that need to secure their patient-facing platforms.

With Lumen, a blend of discovery, monitoring, and advanced threat management techniques help stop malicious actors in their tracks. We offer one of the broadest portfolio API protection solutions. Through API profiling and monitoring, Lumen identifies API endpoints across the organization, protecting those that connect suppliers and partners. Our discovery tools reconstruct API specs and features and assess traffic patterns to distinguish between normal requests and anomalies.

Our advanced threat detection uses machine learning to analyze API activity over time and better understand the anatomy of an attack. This helps avoid false positives and automates your defence to keep the operational burden low.

Lumen offers these benefits in a hybrid software as a service (SaaS) and managed SOC model. This allows us to tailor our services to a company’s resources and threat profile, while minimizing deployment time and effort. It includes not only threat hunting and automated incident response for live attacks, but also gives you the comfort of our 24/7 security operations center, staffed by security experts.

We protect APIs, web applications, and microservices from emerging application security threats. This gives you peace of mind when providing access to EHR across all your application interfaces.

Talk to us about how we can help secure your healthcare application as you work to meet the open API requirements.

Learn More

[1] Gartner, “API Security: Protect your APIs from Attacks and Data Breaches”, Accessed December 2021. https://www.gartner.com/en/webinars/4002323/api-security-protect-your-apis-from-attacks-and-data-breaches#:~:text=Gartner%20predicts%20that%20by%202022,a%20wide%20range%20of%20organizations

This content is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided “as is” without any warranty or condition of any kind, either express or implied. Use of this information is at the end user’s own risk. Lumen does not warrant that the information will meet the end user’s requirements or that the implementation or usage of this information will result in the desired outcome of the end user. All third-party company and product or service names referenced in this article are for identification purposes only and do not imply endorsement or affiliation with Lumen. This document represents Lumen’s products and offerings as of the date of issue. Services not available everywhere. Business customers only. Lumen may change or cancel products and services or substitute similar products and services at its sole discretion without notice. ©2021 Lumen Technologies. All Rights Reserved.

Related posts:

  1. What is Web Application Firewall (WAF)?
  2. SD-WAN Is the Cure for the Common Healthcare Network
  3. How the cloud fills critical healthcare gaps
  4. Distance No Longer A Barrier To Education Or Health
0
Shares
  • Share On Facebook
  • Tweet It


CybersecurityHealthcare


Author

JP Perez

JP Perez is a Sr. Edge Applications Specialist at Lumen Technologies. He holds a Master's degree in Machine Learning and Signal Processing, a CISSP certification and an ecommerce certificate. Over his 20+ years in the industry, JP has designed infosec and risk management solutions for clients in many verticals including healthcare. JP currently focuses in combining the areas of Edge Networking, Cybersecurity and Content Delivery Networks to assist customers looking to improve their application delivery security posture and app performance.

Trending Now
Why Fiber Internet Is Essential For Your Business
Taylor Duncan January 25, 2023
Lumen open sources client-side CDN load balancing logic within the Streaming Video Technology Alliance
Sergey Arsenyev January 24, 2023
You may also like
Collaborate to protect the whole of your state and local resources
January 4, 2023
SD-WAN Is the Cure for the Common Healthcare Network
December 20, 2022
What is Web Application Firewall (WAF)?
November 21, 2022
5 key reasons to choose fiber for business
Read Next

5 key reasons to choose fiber for business

  • Categories

    Adaptive Networking

    Connected Security

    Hybrid Cloud

    Communications and Collaboration

    Edge Computing

    SASE


  • Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With 450,000 route fiber miles serving customers in more than 60 countries, we deliver the fastest, most secure platform for applications and data to help businesses, government and communities deliver amazing experiences.

Services not available everywhere. ©2022 Lumen Technologies. All Rights Reserved.
Press enter/return to begin your search