New healthcare technology faces many challenges, with cybersecurity threats right at the top. It’s not enough that new tech produces clinically valid data, works well with existing systems and protocols, and meets affordability and ease of use requirements. If wireless biosensors, telemedicine systems, and electronic health records cannot safeguard patient information and withstand concerted data attacks, the potential risks and costs could slow down or even halt progress. Earlier this year eSentire reported the healthcare industry is susceptible to the “most basic opportunistic attacks.” The ECRI Institute’s annual healthcare threat report put cybersecurity at the top of the list.

Patients are not blithely indifferent to healthcare information security concerns. A pair of surveys conducted by The Harris Poll for the University of Phoenix reveals paradoxical healthcare cybersecurity factors. A 2016 report by the University of Phoenix College of Health Professions School of Health Services Administration found that 72% of U.S. adults were concerned that online health records were vulnerable to hackers. However, a 2018 Harris Poll survey for the University of Phoenix found that while 43% of U.S. adults had experienced personal data breaches in the previous three years, 78% of those surveyed admitted at least one exploitable bad security habit. The bad habits cited most often were using the same email address and/or password for multiple online accounts and allowing social media sites and apps access to personal information.

Digital healthcare products, services, and systems must be secure to succeed, but it may be that the weakest link in the chain — the hacker’s perennial sweet spot — is the patient. Teaching patients safe practices isn’t enough, as evidenced by the failed results from educating people about the dangers of cigarette smoking. The onus of online patient record security must inevitably lie with the healthcare industry to protect patients against themselves. As Pogo said in 1970 about environmental awareness, “We have met the enemy, and he is us.”