Health Data Security on the BurstIQ Platform

By Tyson Henry

With the continued growth in today’s internet footprint, online health data is more vulnerable than ever. According to a recent IBM report, over 100 million records were compromised in the healthcare industry in 2015 alone. A similar report by the Institute for Critical Infrastructure Technology (ICIT) indicated that, in that same year, 47% of Americans had their health data compromised. Each of these breaches costs the healthcare industry an average of $355 per breach (compared to $158 across all industries).

The fact that a growing number of security breaches are healthcare-related indicates that hackers are well aware of the large potential returns ensuing from a multibillion dollar black market for health data. Historically, healthcare data was stolen for personal identity theft – a medical record can be worth as much as $1,000 on the black market. However, we are seeing a shift from identity theft to ransomware, where hackers are locking up health data and extracting millions of dollars from healthcare systems in order to restore access.

OVER 100 MILLION RECORDS WERE COMPROMISED IN THE HEALTHCARE INDUSTRY IN 2015 ALONE.

As more and more data is incorporated into the healthcare system, and as access points such as patient portals become more widespread, the pace of these incidents will only accelerate. As a result, security measures have become a top priority for healthcare organizations tasked with protecting consumer information. The Health Care Industry Cybersecurity Task Force, established by the Department of Health and Human Services, indicated in their 2017 report to Congress that the healthcare industry isn’t prepared for this cyber onslaught.

Most health systems focus on establishing traditional perimeter security solutions, for instance, firewalls. However, the mandate to enable people to access their data via patient portals creates security gaps that hackers can easily exploit.

Recognizing that the amount of digital health data is expected to expand significantly over the next five years, we are embracing an ambitious quest through the use of blockchain technology to fuel a more secure health data ecosystem. We advocate for consumers to own their data so that they can decide who sees it, when they can see it, and what they can do with it.

BurstIQ believes that a truly universal health data platform must deliver end-to-end data rights management, secure data storage, an indisputable chain of custody and advanced data security techniques. Furthermore, sustaining individual privacy throughout all levels of the platform is vital.

BurstChainTM is the key element used by our technology to protect a consumer’s health data. It leverages cryptography and proprietary protection schemes to ensure that data is constantly in motion and encrypted at multiple layers throughout the environment. The platform combines blockchain technology with data cloaking, sharding and encryption services to provide secure management of data objects and stores. Furthermore, data verification proofs can be efficiently shared and allows direct access to data, bolstered by the platform’s layered security access model.

The BurstIQ platform is built from the ground up with security in mind. Security measures are in fact embedded into the data itself, which means data security isn’t solely dependent on perimeter solutions and application-level security features.

SUSTAINING INDIVIDUAL PRIVACY THROUGHOUT ALL LEVELS OF THE PLATFORM IS VITAL.

At BurstIQ, we believe that people should be able to access and use their health data, to control how their data is used, and have confidence that their data is safe.

At the end of the day, we want to make the world a healthier place. We think most people want that. If people can access their own data, if they can understand it, use it, and know it is safe and secure, then we can make the world a healthier place — one person at a time.

For more information about how BurstIQ secures health data on the platform, please read our whitepaper.