November 29, 2019

Information security is a journey, not a destination

At Prevayl, it’s our goal to set a new standard in data security and safety.

We sat down with our cyber security advisor, Pras Pimpalnerkar to discuss the importance of information security for modern organisations, how it impacts the healthcare industry, and the approach we’re taking to deliver a secure operating platform for our consumers and partners.

Pras has over 15 years’ experience in the information security industry and is a subject matter expert on a wealth of information security tools, processes, procedures and best practices. Here’s what he had to say.

Why is information security so important for modern organisations?

Confidentiality, integrity and availability are three pillars of information security and are vital for the success of any business.

When a traditional organisation is trading physical goods, the security is very visible and is applied at all stages of the lifecycle. This includes when the product in use (security sealed), in storage (physical security within a warehouse for example) or in transit (secure transit / cold transit). 

However, modern organisations also trade data; traditional security can’t be applied to something that is non-tangible.  In order for modern organisations to be successful, the information security principles of confidentiality, integrity and availability must be adopted to meet the modern risk of trading data.

Information security is the key for success for all modern organisations.

How crucial is data security for healthcare?

Any breach of information could be devastating for individuals experiencing it. 

However, a healthcare breach could have a long-lasting impact and potentially scar users for life. 

Human life (and quality of life) is not something that any organisation would ever want to compromise on.  Data security must be deemed as a core dependency for any organisation handing healthcare data.

Where do you think consumer concern around data misuse first began?

Every data breach has a ‘direct’ and an ‘indirect’ impact on end consumers. Direct breaches are those that directly affect a person involved such as a fraudulent transaction or unexpected outcome for example. Indirect breaches are those that affect the reputation or availability of a ‘known’ service.

When businesses handle data it completely changes the landscape and introduces a number of new risks that unfortunately, not all modern organisations were initially prepared for. 

Consumers also weren’t prepared and didn’t understand how to handle the direct impact of a data break; specifically, they didn’t know where to seek help or how to recover. This lack of knowledge and awareness by both parties started to concern consumers adopting modern technologies.

Hopefully, the new and tighter data protection regulations encourage modern organisations to adopt and follow information security best practices and improve consumer confidence in the process.

Where do companies go wrong when it comes to data use?

Companies need to acknowledge that data is potentially their primary asset and the fact that it isn’t tangible.

This acknowledgement will open up new opportunities for information security to be incorporated within their business. Whether they like it or not, this is the reality and the sooner companies acknowledge and adapt, the more secure they become.

How is Prevayl addressing consumer security concerns around data?

At Prevayl®, the entire team is aware of the changing landscape of a modern organisation and is committed to delivering a secure solution from the very first day.

The core principles of information security – confidentiality, integrity and availability – are built within all of our products and services.

What technology are you using to do this?

Information security is a journey and not a destination. 

We are focused on the development of a secure operating platform for our consumers and partners. We follow a ‘defence-in-depth’ security architecture model and are committed to adopting appropriate technologies and measures to address the evolving risk landscape.