The importance of cybersecurity in medicine

Multinational technology GMV It was celebrated on the second day of Health Technology Monitor (HTO) in collaboration with the National Association of Health Informants (ANIS). On this occasion, the session focused on critical issues pertaining to the region Cyber ​​securityHealth data management and communication in information systems, ranging from health centres, hospitals and emergency rapid response teams.

he Liquid Hospital – Communication with patients through digitalization – is a new model of patient care based on e-health or medicine supported by new technologies, which goes beyond the physical walls of the center and penetrates outside, involving patients, their families and professionals and making them collaborators. – Responsible for their health care, in a collaborative manner, with the consequent benefit of continuous and comprehensive monitoring of dependent, frail and chronic persons without the need to be present in the hospital.

This continuity of care, beyond hospital care, is not limited today to telemedicine or remote monitoring, but deploys its full potential by analyzing large amounts of data from many sources and sources.Artificial Intelligence (AI) Among other things, the ability to personalize treatments and contribute to treatment research, highlighting the benefit of research into rare diseases. It is a more flexible model, better adapted to the needs and environment of patients, more motivating, more interactive and more flexible in solving all processes. In this new form of healthcare, data takes on special importance to provide evidence in both clinical events.

This new scenario represents a change in the regulatory and healthcare paradigm that is moving towards predictive, personalized, precise and collaborative medicine thanks to new and continuing digital technological advances. It is a combination of personalized care and the benefits of technology, designed for the 21st century patient.

Transformation challenge

But every transition is a challenge. On the one hand, the cybersecurity of systems must be guaranteed, and on the other hand, the privacy of people. a Internet attack It can make patients more vulnerable, paralyze healthcare, and harm research for which data is the main evidence. It is worth noting that the number of phishing and ransomware attacks in the healthcare sector increased by 650% in the past year. On the other hand, harnessing the full potential of tools such as artificial intelligence, through which research can be accelerated by creating unified data networks, owned by various public and private institutions, to apply personalized and precision medicine, during the response. For diseases even without them, it is necessary to have the highest safety standards in place in the organization.

To discuss all this, the 2nd Health Technology Observers (HTO) Conference organized by GMV brought together relevant experts such as: Miguel Angel Benito, Regional Coordinator for Information Security of the Balearic Islands Health Service; Luis Perez Pau, European CIO of FutuRS, a Ribera Salud Group company; Oscar Rianoresponsible for GMV’s CERT; Francesc Garcia Cuyas, Director of Digital and Data Strategy at Sant Joan de Déu Hospital, Barcelona; Imaculada PerezDirector of Digital Health at Secure e-Solutions at GMV and Alberto importoDirector of Information Systems and Digital Transformation at HM Hospitals.

European health data space

On 3 May 2022, the European Commission launched the European Health Data Space (EEDS). It is a “health-specific ecosystem” (in the Commission’s words) for health data exchange that creates a governance framework for the use of electronic health data by patients (primary use) and for research, innovation, policy development, patient safety, statistics or regulation (secondary use).

EEDS represents a paradigm shift in how health care is delivered. It will put medical data at the service of citizens and science, provide a reliable framework for using data in research and innovation, and increase the efficiency and resilience of society. Systems health, etc. Through EEDS, researchers will be able to more efficiently access a greater volume of high-quality data, thus directing their work towards personalized, predictive, preventive and precision medicine, towards medical care with explicit support from digital tools.

to Ensuring data protection For patients, protection and anonymization of medical data is implemented. This process consists of modifying data in such a way that it is not possible to identify the person you are corresponding with for medical research, and to comply with data privacy regulations. The EEDS rules on data reuse are based on the General Data Protection Regulation, the framework provided by the Data Governance Act, the proposed Data Law and the Cybersecurity Directive.

In addition to these standards Laws and regulations For the protection of personal data such as Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016 (General Data Protection Regulation, GDPR); Organic Law 3/2018, of 5 December, on the protection of personal data and the guarantee of digital rights, the Directive on data protection in the criminal field and other regulations related to the protection of personal data.

As GMV spokesmen at the event explained, AI algorithms need a large amount of data to obtain the accuracy required in the medical field. To do this, strict regulations must be followed. Existing algorithms come from a very small number of sources, which introduces bias into the algorithms and cannot be applied to different populations (poor reproducibility). Using a technique called federated learning, AI algorithms are trained collaboratively, without the need to transfer data from the hospital that houses them. Instead of moving data to a place where it can be processed, GMV moves algorithms to centers where the data resides. This technology relies on the application of techniques such as Secure Multiparty Computing (SMPC) or homomorphic encryption.

The challenge is cybersecurity

What about these federal networks and constant monitoring for comprehensive support? We must pay special attention at all times to cybersecurity throughout the entire process: from the systems in the medical center, to the monitoring devices that the patient uses at home. The challenge is Cyber ​​security Connecting systems and devices inside and outside medical centers.

Miguel Angel Benito, Regional Coordinator of Information Security at the Health Service of the Balearic Islands, shared information about the CiberAp project funded by the Ministry of Health, which aims to improve cybersecurity in the health sector, in a scenario where AI is presented as an enabler for healthcare and research is not without challenges. CiberAP will provide the 13 participating autonomous communities with an investment of €40 million, with the Balearic Islands setting the tone for the rest of the national regions: “The strategies and criteria to be adopted are determined by our coordination.”

For this part, Luis Perez PauThe European CIO of FutuRS, a Ribera Salud Group company, pointed out that the health sector is where it takes longer to detect a potential information breach. From the success of an attack until an organization realizes that its data has been compromised, there is an average of 329 days, according to the IDB’s Cybersecurity Guide for the Health Sector. Likewise, he stressed the ease of obtaining accreditation for hospitals as a framework of common measures is followed in all of them. The expert highlighted the need for “secure and responsible sharing of health data for healthcare and research purposes, which can significantly improve healthcare and social well-being. It is true that cyber attacks are increasingly increasing globally, and organizations must know their critical processes and have plans.” Determined to confront it or expose itself to its consequences. He added: “This is a challenge and also an opportunity to improve security.”

And remember how digital health depicts a scenario in which there are no doors, but a fluid model. Not only care centers or hospitals must be protected, but also the flow that occurs between the different factors that interact in this health model. Hospital, he commented Oscar Riano, Head of the GMV CERT (Computer Emergency Response Team), who explained what cybersecurity incident response centers in health institutions should be, proposed the Liquid CERT model and stated that digital availability in the health sector is proportional to the quality of life of people. Likewise, review the European regulations that will come into force next year and the year after, in which we will see a legislative “breakdown” focused on cybersecurity and resilience, such as NIS2 and CERT, as well as on data and AI, such as the Data Act and the Artificial Intelligence Act.

in this meaning, Francesc Garcia Cuyas, Director of Digital Strategy and Data at Sant Joan de Déu Hospital in Barcelona, ​​highlighted that in this model the home is like another room in the hospital and that the mission should be “to transfer the data, not the patient.” He also referred to the UNICAS network that functionally leads the Sant Joan de Déu Barcelona Hospital, and pointed to the new team model, formed by health professionals, data scientists and technologists, in this context of digital health and the liquid hospital.

In this same line he participated Perez Al-Taher, Director of Digital Health for Secure e-Solutions at GMV, he stressed that the new model leads to a focus on people rather than on the disease itself, providing specialists with early diagnosis and predictive, preventive, personalized and precise medicine. And all of this is thanks to the integration of AI platforms as healthcare service providers.

As the day closes, Alberto importoThe Director of Information Systems and Digital Transformation at HM Hospitals explained the digital transformation plan for HM Hospitals: how the Liquid Hospital was developed, the strategy followed with data and the work being developed at HM Institute for Health Research (IIS-HM) Hospitals: the “#Datacovidsavelives” experience. “HM Hospitals’ digital transformation plan represents a very important change management effort, which involves all departments of the company, but mainly the human team, allowing for technology-enabled renewal. The main axes of the digital transformation plan are: targeted management of individual data, efficiency of healthcare and clinical operations, digital relationships with patients and security.