Digital transformation promises numerous benefits for the healthcare sector. Among them are more efficient processes, better care, and increased patient satisfaction. Data management plays a central role. In care provision as in research, institutions need large data volumes to be available, easy and secure. While providing access for legitimate use, they must prevent all other access. The informational self-determination of patients and medical confidentiality are tough requirements.
The need for a robust security architecture in healthcare
A robust security architecture is a prerequisite to meet these requirements. It needs to counter external threats and regulate and document access within. Automation has to be transparent to simplify processes without creating security risks.
Simple solutions such as public clouds or archaic solutions such as e-mail attachments are not up to the task. They do not offer the necessary process security. Also, due to their architecture, it is never clear who else can read the content. Such simplistic approaches could expose institutions to legal, financial and reputational risk. For example, in Germany, the breach of medical confidentiality carries actual jail time.
Proprietary storage solutions have similar downsides, since their source code is not accessible. Medical institutions thus cannot make sure that there are no backdoors for unauthorized third-party access. Such software often uses proprietary data formats, as do many hospital management solutions. This makes it hard for institutions to switch to another software when needed. It also makes it difficult to exchange data with other institutions or applications. Closed source solutions thus lock institutions in and avoid interoperability. They also broadly slow down the urgent digitization of the healthcare system.
Open technologies and open standards are in high demand
Open technologies with open standards are the key to secure and efficient healthcare digitization. Open Source software is verifiably free of backdoors. Medical institutions can deploy it at a certified data center of their choice or even in-house. This gives them true sovereignty, and full control over their data.
Open Source solutions can be highly scalable and extensively adaptable, and can offer powerful workflow functions. With such capabilities, medical institutions can work securely and efficiently in both treatment and research. Leading institutions like UKE Hamburg and the Italian medical research network GARR use Open Source platforms: They are happy with ownCloud, as is the Clinical Cancer Registry Saxony-Anhalt.
An important step in the shift towards digital healthcare are also the Medical Information Objects (MIOs). MIOs save medical data according to a defined, standardized format. The German Association of Health Insurance Physicians (KBV) developed them for their patient record scheme (ePA). This open standard means that any system can read and process the health records. This makes the exchange of information between the different roles in healthcare considerably easier. And it avoids vendor lock-ins.
Data sovereignty must be preserved
The healthcare system needs more digitization. However, data sovereignty for patients, institutions and Europe as a research location must be ensured. Medical institutions should choose software based on open standards, preferably from Europe. And they should avoid opaque clouds controlled by the USA or China.