Lee Barrett on the Balance Between Strong Cybersecurity and Patient Access to Data

As healthcare organizations seek to expand the scope of data that patients can access, they must remain vigilant about cybersecurity and monitor the risk of data breaches and attacks, said Lee Barrett, executive director of the Electronic Healthcare Network Accreditation Commission.

Transcript (slightly modified)

How can the industry address the tension between providing greater patient access to data and sharing data to improve care while protecting data from breaches?

I think it comes down to creating the right balance, and it is a balance. We want to increase the amount of data access for, whether it’s analytics, whether or not it’s population health, predictive measurements, artificial intelligence that we’re applying against a lot of this data. We’re, as I said, indicating and providing a lot more capabilities for patients to have access to data.

The key really comes down to organizations doing their due diligence, making sure they’re taking it very seriously, putting in place as well the types of controls, policies, procedures that they need to have, the predictive analytics as far as being able to predict that an attack is actually occurring. And, in some cases, what they also need to do is look at the fact that they’ve got third-party entities that are acting on their behalf as business associates, and those business associates, if they have a breach, incident, or attack, it’s going to reflect on them, so they also need to have some type of review and process in place for those third-party entities as well.