William Yasnoff, MD, has developed a personal grid format that can prevent hackers from accessing an entire database full of patient records. Hospitals or IT vendors can use the tactic – for free – to force cybercriminals to decrypt one record at a time.
Longtime healthcare and technology veteran William Yasnoff, MD, has created a personal grid tactic for tuning relational databases to make it harder for hackers to steal large sets of medical records.
And Yasnoff, a managing partner at NHII Advisors, said that hospital CIOs and CISOs or technology vendors can use the personal grid approach for free. It’s not a product but, rather, a methodology for organizing data within a traditional relational database management system.
“Large-scale security problems – Anthem and Premara and so on – concern the loss of an entire data set with one intrusion,” said Yasnoff, also an adjunct professor of health sciences informatics at Johns Hopkins University and a member of the team that led the work at the Department of Health and Human Services that resulted in the executive order creating the Office of the National Coordinator for Health Information Technology.
“It became clear that there needed to be a new approach to storing information that would eliminate this risk of losing all data to a single hacking incident. And the solution I have developed eliminates this problem by changing how information is organized in a relational database.”
In a typical relational database, for instance, all information is stored in one file with multiple indexes that are updated whenever a record is updated in the file. Information is stored in this manner to facilitate rapid searching.
Yasnoff created the personal grid, in fact, to make it so each record of information is stored in a separate file, and each files is encrypted individually with its own encryption key.
“If a hacker breaks into a server room and literally takes a whole server away, that hacker would have to break through strong encryption to get one single patient record,” Yasnoff explained. “And then that hacker would have to break through more strong encryption to get a second record, and then repeat the same for a third, and a fourth, and so on. The work involved in getting hundreds of thousands to millions of records becomes prohibitively massive for a hacker.”
There is, however, one catch: Unlike a database where all records are stored in one file, a clinician cannot quickly search patient records stored and encrypted separately within a database. But Yasnoff has come up with a solution to this hurdle.
“Searching across multiple records rapidly is not a requirement for any user that I have been able to find in healthcare, though you have to be able to access an individual’s record immediately,” Yasnoff said. “If you want to search across a million records in the personal grid database format, because there are no indexes and each record has a separate key, you have to do that sequentially. Get record one, decrypt record one, find what you are looking for, update your tally, and move on to the next record. That is very slow.”
Yasnoff published an academic paper on this cybersecurity method in the June 2016 issue of the Journal of Biomedical Informatics showing that the personal grid can handle sequential searching in the cloud in parallel with multiple virtual servers.
“If you temporarily allocate 1,000 virtual servers, you still do the search sequentially but you can do it 1,000 times faster,” he explained. “So you can keep the search times across large numbers of records to less than an hour. And for things like identifying everyone in your population who has an elevated hemoglobin who hasn’t been seen, if that takes an hour, so what? That is not the problem, security is.”
Yasnoff concluded, and wants to make very clear, that relational databases are not the problem when it comes to cybersecurity.
“Relational databases are better for general information database use, you can have very rapid searching, very flexible, unlimited sets of data, and I am not suggesting we throw out relational databases by any means,” he said. “All I am saying is that if you want to have the peace of mind knowing that the whole database cannot be hacked all at once, here is a way to organize the information that costs you a little bit in terms of search time but protects you much better.”