nCipher Security Blog

What businesses can learn from a classic movie

Peter Galvin | Chief Strategy Officer More About This Author >

They say that if you haven’t got your health, you haven’t got anything. At least that’s what Christopher Guest said in his role as Count Tyrone Rugen in the movie The Princess Bride.

While that line is delivered tongue in cheek in this cult classic, personal health and personal health records are no laughing matter.

In fact, nothing is more private or vulnerable than personal healthcare records.

Health may be a top concern among Americans, but securing health records may not be

What businesses can learn from a classic movie

Yet, while many people like to keep details about their health private, it doesn’t follow that they consider the privacy of their health-related data a top priority.

New nCipher Security research indicates that more Americans (42%) are concerned about their financial information getting hacked than cybersecurity related to their health history. And just 14% of the more than 1,300 nCipher survey participants said their greatest concern about hacking relates to their healthcare data.

Although it may seem inconceivable – as Vizzini often said in The Princess Bride – another 14% said they aren’t worried at all about their data getting hacked. And 5% said keeping their sexual history from getting hacked is their top concern when it relates to online data privacy.

More people feel vulnerable sharing credit card numbers than transmitting medical details

Sharing credit card or social security numbers over the phone made 46% of the survey group feel their private information is most vulnerable. Just more than a third said banking online (35%) and shopping online (34%) make them feel their private data is at risk.

Yet only 16% of the nCipher survey group said they feel their private information is most vulnerable when downloading health records or using an internet-connected medical device.

Americans also worry more about personal identity hacks than IoT-related personal safety

When it comes to their concerns about online safety, most Americans are more like the Princess Bride’s true love Westley, who masquerades as a pirate, than Vizzini. Like Wesley, they seem to care more about guarding their identities than avoiding personal risk.

Less than a fourth (22%) of the survey group voiced concern that a connected device would get hacked and jeopardize their health. And just more than a third (36%) said they worry their data would be tampered with if their connected device was hacked. A much larger share (44%) voiced concern about their identity being stolen in the case of a hack.

Plus, most people are very comfortable with connected devices following their every move

The low perceived risk in using connected devices is reflected in the fact that most people employ these endpoints to track or record their health information.

Just more than a third (37%) do not track or record aspects of their health with some kind of internet-connected device. That means most Americans do.

Here’s how it breaks down from a device and interface perspective:

  • 23% use smartphone apps to track and record their health
  • 19% access a health care provider’s website for that purpose
  • 13% employ connected scales
  • 12% wear Fitbits or other exercise trackers
  • 10% strap on an Apple Watch or similar device

Yet the majority of Americans want medical devices that employ encryption technology

People may not always be as concerned about personal healthcare data as they are about financial information. Most are more than willing to collect and connect their health details. And more than half (55%) of Americans want to access their health data anytime they want.

But Americans also very clearly want and expect their data and devices to be secure:

  • 52% said encrypted medical devices are the best way to prevent security flaws
  • 35% think consumers should be required to validate their devices regularly
  • 31% believe medical devices should be independently certified
  • 18% support medical devices being government-controlled
  • And 17% suggest that device manufacturer executives should be fired if their devices are hacked or if users’ personal healthcare data is exposed.

So, businesses need to keep data and devices safe – and demonstrate that they care

Clearly, the stakes are high for connected device manufacturers and others that touch Americans’ healthcare data. That means these organizations must take care to protect those devices and that information. And they need to lead the way for consumers, who may not always understand what’s at risk until it’s too late.

Safeguarding users’ connected devices and healthcare data requires employing such approaches and technologies as authentication, device credentialing, digital signatures and encryption. Those organizations that do will be more successful in protecting their reputations, growing their businesses, and winning the hearts and minds of their customers.

Westley spoke the words “As you wish” to Princess Buttercup even before she fully realized what she wanted from the relationship. The phrase expressed how very much he cared.

Businesses would do well to follow that dynamic farm boy’s example.

Follow nCipher on Twitter, LinkedIn, and Facebook, or find me @pgalvin63.