latest

Increase in use of AI in healthcare sector leads to data security concerns

NHS organisations are increasingly turning to artificial intelligence to improve efficiency and diagnostics – but are hindered by a lack of good security infrastructure

24th July 2024 about a 3 minute read
"The blend of innovations combined with incumbent legacy systems can cause issues with device deployment, integration and management – as well as related security protocols required. This in turn results in increased vulnerability to cyberattacks and, as our research shows, also means staff spend too much time fixing IT issues instead of being able to prioritise patient care.” Stefan Spendrup, vice-president sales, Northern and Western Europe, SOTI

Many health care organisations adopting artificial intelligence (AI) do not have appropriate security practices in place, a report from the software provider SOTI has found.

The report, entitled Code Digital: Will Healthcare Thrive or Survive, found that data security is now the main IT concern for 33% of health care IT professionals, an increase from 17% in 2023. Nearly three-quarters (71%) admit that their organisations have experienced one or more data breaches since 2022.

The survey of 1,450 health care IT professionals in the US, Canada, Mexico, UK, Germany, France, Sweden, the Netherlands and Australia, looked at the evolving landscape of healthcare technology adoption, the range of devices used and the security risks and challenges.

According to SOTI, the persistence of legacy technology is making it difficult for health care workers to do their jobs efficiently and for IT infrastructure to be secure. Almost two thirds (63%) of respondents believe their organisations are using outdated technology, an increase from 46% in 2022. In the UK, the figure is at 65%.

The research also shows that the UK’s health care system is losing an average of 3.27 hours per week, per employee, as a result of technical or system difficulties associated with poorly-managed devices and IT infrastructure. This has increased from 2.9 hours in 2023.

Health care infrastructure not keeping pace with growth of devices

Nearly all (90%) of those working in health care believe their organisations would benefit from more interconnected medical devices. Health care infrastructure and management processes have not kept pace with the rapid growth in the number and complexity of devices deployed in the sector, the report found. This reduces their ability to maximise the potential of newer technologies and the data they contain.

The report says that the inability to manage new and broadening technologies in legacy infrastructures has led to three key issues shared by respondents:

  • Security: data privacy issues for patients and organisational data remains at risk
  • Innovation: transitioning to future technology is a struggle because of the prevalence of legacy systems
  • Telehealth and AI: the absence of remote monitoring prevents the industry from fully leveraging these developments.

Half of health care organisations have experienced data breaches

About half of the respondents (51%) said they had experienced external data breaches since 2022. Accidental and intentional data leaks by employees have stayed the same over the past three years, however, along with distributed denial-of-service (DDoS) ransomware attacks. The survey results highlight the critical need for robust data protection measures and substantial investment in securing sensitive health care information. SOTI’s research reveals a direct link between the use of legacy technology and escalating security issues.

NHS trusts have been hit a number of times by cyberattacks, including most recently in June this year, when patient data managed by pathology testing organisation Synnovis was stolen in a ransomware attack.

Stefan Spendrup, vice-president sales, Northern and Western Europe at SOTI, said: “Striking a balance between modernising with new technological advancements, such as AI, while also securing existing and older technologies is a challenge. The blend of innovations combined with incumbent legacy systems can cause issues with device deployment, integration and management – as well as related security protocols required. This in turn results in increased vulnerability to cyberattacks and, as our research shows, also means staff spend too much time fixing IT issues instead of being able to prioritise patient care.”

FCC Insight

If the NHS is going to meet the demands of an ageing population, and the increasing burden of chronic illness, it will need to adopt technologies such as artificial intelligence that can speed up diagnose or improve the efficiency of routine tasks. A greater reliance on IT, however, brings added security risks and vulnerability to cyberattack. The SOTI report found that health organisations globally are not keeping their infrastructure and processes sufficiently up-to-date to defend against such attacks. For the NHS, which has historically struggled with IT implementation, and which has been the subject of recent high profile cyberattacks, updating its IT systems and management procedures is now a matter of urgency.