Extending Legacy Systems To The Cloud For Secure Communications

By Paul Banco, CEO, etherFAX.

Paul Banco

Today, the average cost of a healthcare data breach is $429 per record. When organizations factor in the loss of productivity, the amount of civil complaints and fines levied, plus the public relations besmirching, the cost implications skyrocket. In 2018, the Department of Health and Human Services Office of Civil Rights concluded a record year in HIPAA enforcement activity – 10 settlement cases and one judgment totaled a whopping $28.7 million.

Though every industry is susceptible to cyberattacks, healthcare has experienced the largest growth in attacks over the years because patient records, insurance information, and social security numbers are more valuable on the dark web. Unfortunately, legacy systems may to be blame for the uptick in cyberattacks. Forescout researchers determined 53% of common medical devices are still operating on traditional, legacy platforms.

Legacy systems, insufficient access controls, and the proliferation of medical IoT devices have created security vulnerabilities that leave hospitals wide open to cyberattacks. Research from Vectra found that the majority of legacy systems are unsecured because healthcare organizations simply can’t afford the amount of downtime that patching requires.

To guarantee that unstructured data is transmitted securely, healthcare organizations must extend their analog fax machines to a hybrid-cloud network that is HIPAA complaint and provides end-to-end encryption, two-factor authentication, and direct faxing capabilities.

Hybrid-Cloud Technology

By leveraging the cloud and delivering all faxes via HTTPS, outdated fax boards, media gateways, and the complex telephony stack are eliminated. Unlike a legacy analog fax infrastructure, hybrid cloud technology can ensure that time-sensitive protected health information (PHI) are delivered within seconds with high-resolution, near-diagnostic image quality, and the highest levels of encryption. The accessibility of fax, coupled with the scalability of the cloud, ensures the exchange of PHI among the healthcare ecosystem is protected. This allows patients to receive high-quality care without compromising their personal information.

Advanced Encryption

Well-defined end-to-end encryption methods, such as those defined in the Elliptic Curve Integrated Encryption Scheme (ECIES), fully protect the transfer of information between two endpoints. The hybrid encryption scheme uses Elliptic Curve Cryptography to generate a shared secret between peers to seed the encryption process with unique keying material while signing and authentication mechanisms assure the validity of the data in transit.?Even if a third-party attempted to eavesdrop on the network communication, the information itself would be indecipherable.

Two-factor authentication (2FA) should also be utilized on every device that sends and receives PHI. Two-factor authentication can prevent cyberattacks by requesting a combination of credentials at access points that only the actual patient, doctor, billing operator or pharmacist would know.

Direct Digital Fax

Many organizations are unaware that a data exchange via email typically passes through multiple servers before it reaches the final point of delivery. This indirect transmission method can leave PHI and other unstructured data vulnerable to imminent threats of cyberattacks.

Utilizing a hybrid-cloud network with direct digital faxing is the key to ensuring communications never traverse an external telephone network. Black and White lists can also be leveraged to place further restrictions on the exchange of sensitive information.

Overall, network security can have an adverse effect on patient care. To reduce the threat of cyberattacks, organizations must extend legacy devices to a secure exchange network via the cloud. End-to-end encryption, two-factor authentication, and direct transmissions are also critical for protecting networks against imminent threats.


Write a Comment

Your email address will not be published. Required fields are marked *