Health IT is one of the fastest-growing industries in the market. The North American healthcare IT market is projected to grow at a compounded annual rate of 13.5% through 2020. Driving this growth are new technologies, devices and platforms that are currently growing in two separate bubbles: consumer-based technologies (e.g. FitBit) and clinical technologies (e.g. EHR systems). Beyond this, the benefit of closing gaps in care and integrating patient-generated health data (PGHD) into clinical technologies is widely accepted – although concerns about data overload and time constraints have impeded physician adoption of PGHD in the clinical setting.
In short, all of this translates to the generation of massive amounts of data – and because it’s protected health information (PHI), security has to keep pace with the scale of data growth and the cunning of cyber attackers. Much of the challenge with PGHD will come from the vulnerabilities of personal and public WiFi networks, which cyber criminals frequently target in other industries, for example in credit card information theft and identity theft.
The Healthcare Application Development Dilemma
Healthcare application developers can help reduce the risk of breaches and unauthorized disclosures by implementing the appropriate measures in health IT software architecture. HIPAA provides guidelines and outlines regulations, but it is unclear about what technical specifications are necessary for creating secure applications. What’s more, ensuring usability of health IT solutions can often require compromises to ideal security implementations in favor of enhancing the user experience.
Limitations on what can – or should – be stored on the device, user authentication and data encryption are just some of the variables that need to be taken into consideration. As US healthcare continues to progress towards an improved patient-provider relationship, better health information and a focus on moving treatment to the primary care setting, healthcare application development teams will need to balance HIPAA-compliant practices with application security and usability needs. The complexity of health IT security and HIPAA-compliant application development will only grow as new data sources are incorporated, and as integration across myriad disparate systems in the clinical setting takes hold.