Balancing easier access and greater security of healthcare data

Security is a big topic for healthcare right now and has been for some years. Johan Sörmling, Managing Director at Encap Security and Head of Mobile Identity at Signicat, believes that healthcare has a great deal to learn from other markets—in particular fintech. He believes it’s important to think of app users, no matter the app, as consumers when considering how to attract and keep people using healthcare apps.
Security is a big topic for healthcare right now and has been for some years. Johan Sörmling, Managing Director at Encap Security and Head of Mobile Identity at Signicat, believes that healthcare has a great deal to learn from other markets—in particular fintech. He believes it’s important to think of app users, no matter the app, as consumers when considering how to attract and keep people using healthcare apps.

We knew that access to healthcare data was valuable, but the last eighteen months has made it clear just how vital access to data is. Governments have used data to make decisions on border control and lockdowns. Healthcare authorities have used data to prioritise vaccination programs and resources. People have been able to use published data to better understand the scale of the pandemic and make decisions on the level of risk that they feel comfortable with.

One big lesson of the pandemic has been that sharing health data is good for decision making.

Unfortunately, it’s also been a bad time for data securityOne report suggests that the industry has experienced a 51% increase in the total number of records exposed, from 2019 to 2020. Healthcare has also become a big target for ransomware, with Ireland falling victim to a “catastrophic” attack in May 2021, and Germany being attacked in late 2020. The Vastaamo hack was possibly the most damaging of all, with a security flaw in exposing its entire patient database, including email addresses and social security numbers, but the actual written notes that therapists had taken.

Healthcare data can be some of the most sensitive information that’s held about us, ranging from the mundane to the intensely private. The lesson that some of the public may take away from the last few years is that sharing data is risky, and could mean a loss of control.

If healthcare providers want their patients to install and use the apps they have created, they may need to look to the success of other sectors to better understand how they can get people on board.

Healthcare apps as consumer apps

European regulators are keen to make mobile health a reality across the continent and have been for the best part of a decade, creating regulations and legal frameworks, and funding projects through its Horizon 2020 program.

Digital health and mhealth adoption has been patchy. As an example, France has been breaking records for telemedicine and has started trials for a vaccine passport. A new healthcare act adopted in 2019 is looking to expand the country’s focus on digital health—improving interoperability, establishing a data hub and make use of artificial intelligence. Germany has also been doing similarly good work since a change in health minister in 2019 meant a new way of doing things.

Elsewhere, progress has been slower. The app designed to help monitor the spread of COVID-19 has been described as a “fiasco”, while a study from the British Medical Journal found that many mhealth apps lacked privacy controls. One report claims that 71% of healthcare apps have a serious vulnerability.

Even as people choose to engage with healthcare apps, there are going to be problems—not every app will be of the same quality, and the public’s perception may be affected by poor-quality apps. This is a problem in every sector. Maybe it’s time to learn from them?

Financial services, for example, is another sector where people have data they want to keep to themselves, and only they should have access. In recent years, there’s been a huge shift to mobile apps. One in five UK customers, for example, now use challenger banks—huge if you consider how young the fintech sector is compared to the incumbent financial sector.

For healthcare apps to do the same, maybe it’s time to think more like a fintech

Learning lessons from elsewhere

What is the secret to fintech success? It’s a focus on customer experience. No one should find an app difficult to use or find it confusing. If they do, they will quickly abandon the app for one that’s more welcoming, and there are many alternatives on the market.

This attention to the customer experience includes one of the most important parts of any app, authentication. It’s also the part where many businesses go wrong. Authentication tells a business that the customer returning to their app is who they say they are. Often this is done with a username and password, but this is notoriously insecure—many people reuse passwords or use passwords that are simple and easily guessed. But additional security can mean making things more difficult for the customer—and turning them away from the app due to a poor experience.

Consumers need to both be protected, and feel protected. Security needs to be just a little bit visible so that they know it is there and they feel safe. If it’s completely invisible, or in the way consumers will walk away. So how can mhealth apps solve this problem?

If mhealth apps want customers to both be secure and feel secure in their apps, they need to start using some of the techniques that have been proven elsewhere. They need to use two-factor authentication. Consumers increasingly expect this level of protection, and many are now demanding it. If you have entered a code sent to you by text, then you have used two-factor authentication, but this is not the best way to do it. SMS text messages are not secure—anyone can send them, and they can be used in what’s called a “man in the middle” attack to take over an account.

Luckily, there’s a solution thanks to where the app exists in the first place. Smartphones are smarter than ever, with face and fingerprint recognition common. Integrating these makes two factor authentication easy for the consumer. Plus the data that the smartphone has access to, such as location, means that there can be far more confidence that the person using the app is who they say they are.

READ MORE:

Any app that wants to be successful needs to look beyond its own sector for best practice. For consumers, their banking app, games and mhealth all exist on the same device, one tap away. We believe that mhealth apps cannot rely on their usefulness alone if they want customers to return to them—they will expect any app to achieve the same level of accessibility no matter if it’s offering pure entertainment or advice for good health. mhealth apps are not competing with other mhealth apps, but with every other app on a customer’s device.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Johan Sörmling

Johan Sörmling is the Managing Director at Encap Security and Head of Mobile Identity at Signicat, where he works alongside the technology, engineering, and sales teams to deliver secure and relevant products to its customers.

Encap Security – a software-based mobile ID solution – was recently acquired by Nordic digital identity specialists Signicat. After working together as trusted partners for over ten years, the acquisition creates a company with unparalleled breadth in identity and authentication, establishing Signicat as a mobile identity and authentication powerhouse.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...