Skip to main content
Home » MedTech » Balancing Access and Security: Safeguarding Patient Health Data

Last year, more than 50 million Americans received the message that no patient wants to hear: Your medical data has been breached.

Carley Thornell

Healthcare and Life Sciences Industry Manager, Akamai Technologies

“Healthcare providers and insurers need a reliable and secure partner in powering and protecting their ecosystems.”

Just as no patient wants to receive a healthcare data breach message, no physician or insurance company wants to send it. Yet, in 2023, such breaches have more than doubled compared to 2022, and they’re predicted only to increase.

The proliferation of digital health tools during the pandemic and the implementation of the 21st Century Cures Act give patients access to and ownership of their health information for the first time. While this has many benefits, it also leaves healthcare data and technologies more vulnerable to security breaches, including data leaks and DDoS attacks. As a result, healthcare providers and insurers must prioritize protecting patient health data and systems to prevent catastrophic disruptions such as ambulance diversions and data leaks.

Greater power, greater responsibility

The 21st Century Cures Act, also known as the Information Blocking Rule, has pushed the healthcare industry toward patient-centric care, and given patients ownership of and better access to their health data. This means patients can now access their medical history in a more timely and efficient manner, enabling better continuity of care. Instead of petitioning their provider for a copy of their chart and waiting weeks for it, the law now requires that patients have real-time access to their medical history.

The use of application programming interfaces (APIs) to share data across the healthcare ecosystem is a key factor in this advancement. APIs are also driving the growth of the Internet of Medical Things (IoMT), which is revolutionizing care by providing patients with remote monitoring tools and virtual options, making improved care possible for non-urban populations and patients with mobility issues.

However, with this increased access to health data comes the responsibility to protect it. The healthcare industry is a key target for cyberattacks due to the high value of medical records on the black market. In fact, a recent report found that such records can sell for up to $1,000 on the dark web, compared to $5 for credit card information and $1 for a Social Security number. This emphasizes the critical need for heightened cybersecurity measures in the healthcare industry.

Implementing microsegmentation

To aid in this effort, Congress introduced the PATCH Act to ensure that all new digital health tools meet strict cybersecurity guidelines. However, this legislation only applies to technologies introduced after the act went into effect in October, meaning older and outdated systems are still vulnerable to breaches. As such, it’s vital for healthcare providers and insurers to invest in cybersecurity measures that can protect all aspects of their networks, both old and new.

One approach gaining popularity is microsegmentation. This involves dividing a network into smaller, isolated sections, limiting the extent of a potential breach or DDoS attack and protecting the overall network. By implementing this strategy, healthcare providers can better protect their patients’ data and safeguard their systems from cyber threats.

Enabling greater interoperability

Securing patient data isn’t just about preventing breaches, however. Just as patients’ data needs to be protected, it must also be more easily shareable. As technology enables this exchange, healthcare can move away from being episodic and instead become longitudinal and collaborative, giving providers a more complete view of their patients’ health information and allowing for more informed and personalized treatment plans.

Just what does this mean in real life? If a dermatologist wants to prescribe a medication that could interfere with one prescribed by a patient’s primary physician, they will have access to that prescription history — regardless of whether the doctors are in the same care network.

To achieve true interoperability, healthcare providers and insurers need a reliable and secure partner in powering and protecting their ecosystems. Akamai offers a breadth of solutions for healthcare providers and insurers to ensure the protection and seamless exchange of patient health data. Collectively, patients, and those who pay for or provide their care need to make sure that the future of personal health does indeed remain personal — by sharing healthcare data with only the right people, at the right time.

To learn more visit

Next article