1. As a preface, would you like to tell us a little about yourself, and how your services and products impact the health sector?
   We are an exclusive Healthcare IT company, and have all the offerings related to hospitals to make it fully operational and paper-lite facilitating in-premise, cloud, as well as mobile computing. Our solutions include HIS/EHR/EMR for Hospitals, Clinics and Diagnostic Centres with clients in India, UK, Malaysia and Middle east. Started in 2012 and with more than 50+ Healthcare Facilities, 7000+ beds and 10 million records.
2. What type of healthcare set-ups make up the majority of your business?
   Though our offering is for all types of HCFs, the majority of business are 150+ bedded hospitals. 
3. How has the health IT industry changed over the past few years and what are the major changes you have seen concerning the adoption of digitization in the healthcare sector in the last five years?
   Digital Health has evolved over the time. During initial days, it was only the Operations and Billing which was used extensively and gradually adopted in departmental systems like Radiology (PACS), Laboratory and Pharmacy. Recently, the focus has shifted to clinical documentation as well as Patient experience. Both of these give an immense push to overcome the traditional challenges of user reluctance and other behavioral issues which were impediment to the change. The newer generation practitioners which are very tech-savvy, government regulations including management expectations is what is helping the health digital landscape a push.
4.  What are the main security risks that a practice faces when shifting from the paper-based to electronic records? What are some of the best ways to minimize those risks?
   While transitioning from paper based to electronic records, the main security risk is “data going in wrong hands” and “data not being accessible when required”. The best way to minimize these risks is to ensure that the infrastructure is robust.
5. At your end what security compliances and practices do you follow?
   We are ISO 27001:2013 and ISO 9001:2015 certified companies and the user access management is thoroughly regulated. The access to infrastructure/server is only to relevant people and is monitored every 30 days.
6.  Would you like to share any cyber incidents that you have faced in the recent past in your setup or at your clients and how did you handle it?
   Recently, there was an article published by an ethical hacker which showed vulnerabilities at the client servers and also showed servers being compromised. We immediately informed them to ensure that the server, network as well the application security measures are readdressed and rules changed to ensure there is no threat. 
7. What is your assessment of the upcoming Personal Data Protection bill, will it impact your business? What challenges do you see for the health sector?
   The Personal Data Protection (PDP) Bill is very much required as it ensures that “data doesn’t go in wrong hands without consent”. Since there is no regulation as of now, there are many organizations which are taking undue advantage of this.  This might have any impact to our business as we ensure safekeeping and no data is shared with any 3rd party. 
8. How do you think enforcement of the proposed DISHA act will impact your business?
   DISHA is a very welcome step from the government to ensure it has relevant and right information about its citizens. It would ensure electronic health data privacy, confidentiality, security and standardization and provide data for establishment of National Digital Health Authority and Health Information Exchanges. This would ensure the communication and sharing of RIGHT data of the patient/citizen and plan a better plan of care. This would also ensure the government agencies to plan for the healthcare budget funding based on the population health. 
9. In regards to improved security in the digitisation journey of Indian health sector. What is your advice to healthcare delivery organisations?
   One of the foremost advice for healthcare facilities would be to “treat data and its sensitives with utmost care”. This is an asset and not a liability and hence they should ensure adequate infrastructure measures and its spending to ensure data is safe and secure.
10. With AI and other emerging technologies in mind. What are the opportunities and challenges you see in handling large scale health data? New job roles that you foresee in regards to data protection and processing?
    I have heard many times that there is a perception that AI, ML and other newer technologies like cognitive computing etc would take away jobs on healthcare and also would make the entire treatment mechanical and take away the humane touch. IMO, nothing of that sort would happen. The technological advancements in healthcare is just a step to assist in better and efficient care and definitely not to replace. It would act as a “coach” to the doctors and definitely not “replace” them in the entire value chain. One of the challenges we face in India is that we are still primitive in terms of capture of the data. So, while we evolve to capture more and more data, we have to ensure we keep our safeguards to ensure data protection. Government and Regulations have a big role to play in ensuring that. Data Scientist, Data Manager, Data security experts are few of the new roles that would be required by many IT companies, data companies as well as HCFs.
11. What are your future plans and any message for our readers?
    While we intend to extend our services and operations to APAC and EMEA, the focus is also to build products which use AI, ML etc to give seamless experience to the clinicians to help them give efficient patient care. Our focus would also be to strengthen the features and offerings on the mobility platform as the world is evolving to adopt mobility and use it in all the streams within the healthcare administration and clinical care including patient engagement and experience. 

1. As a preface, would you like to tell us a little about yourself, and how your services and products impact the health sector?
   MocDoc is a modern healthcare platform which provides integrated clinical, financial and management solutions to hospitals, clinics and laboratories. Since our solution integrates every department, unlike other patchy solutions, it is able to provide holistic information to management.
2. What type of healthcare set-ups make up the majority of your business?
   Our solution (MocDoc HMS, MocDoc LIMS and MocDoc CMS) is capable of serving a single clinic to a chain of hospitals and labs. Our lab solutions are used by small labs to big labs with hub and spoke models with centralised processing centers & sub processing centers, collection centers and with home collection primarily using smart phone apps. Our focus currently on hospitals, labs and chain of clinics in India and few other countries.
3. How has the health IT industry changed over the past few years and what are the major changes you have seen concerning the adoption of digitization in the healthcare sector in the last five years?
   We have been witnessing a lot of startups innovating in healthcare IT in the last 5 to 10 years. From doctor discovery platforms to digitizing internal processes to provide advanced medical care to those in need and many of them seem to be working on preventive space too.  Usually healthcare is slow to adapt technology advancements due to various reasons but technology is really penetrating and a lot of young doctors are adapting and realizing the benefits of technology. We are simplifying technology inside healthcare setup by integrating with various departments, equipment and automating many processes. Once inside processes are standardized we have opportunities to connect the doctors
4.  In general, then, what are the main security risks that a practice faces when shifting from the paper-based to electronic records? What are some of the best ways to minimize those risks?
   One of the primary reasons for digitizing patient records is easy access by care providers so that they can do better care by accessing, analysing it and also help reduce errors besides other benefits. Security should be considered after though, it should be part of people, process and technology – it goes multiple ways into multiple layers. Since servers are connected (on prem or on cloud), all basic security measures to be taken care of. Security best practices and technology around that is already in place and getting evolved too. Basic security measures like transport level security (https and http2) guarding and updating security components periodically whenever security fix got released, using right encryption for data storage plays an important role in modern healthcare systems. Besides, application level security like secure hashing, role and privilege based access control etc should be used across the system. However every organization should also have social behaviour around security measures like password management and multi factor authentication plays an important role. Especially in healthcare setup, understanding the importance of HIPAA compliance and taking that into every department and people working on the healthcare system is vital to maintain patient security and privacy. Having a security audit in place is very important. 
5. At your end what security compliances and practices do you follow?
   We are following all security best practices right from basic transport & application security to what guidelines advocated in OWASP and more importantly HIPAA which is vital in healthcare setup. ISO 27001 prescribes technical, legal and physical controls. 
6.  Would you like to share any cyber incidents that you have faced in the recent past in your setup or at your clients and how did you handle it?
   Since we follow security procedures meticulously, we periodically undergo audits and try to find out security vulnerabilities as early as possible. We quickly patched POODLE, Heartbleed vulnerabilities soon it was known.
7. What is your assessment of the upcoming Personal Data Protection bill, will it impact your business? What challenges do you see for the health sector?
   We are always trying to adapt best practises and law of land. Certain industries object to certain clauses in PDP but every country should have measures to protect their citizens. GDPR is the best example but still there are issues in understanding and how it is got to be enforced etc. It is a double edged sword, security/privacy/protection is very important but that should not stifle the innovation.
8. How do you think enforcement of the proposed DISHA act will impact your business?
   DISHA act is an important step in the right direction. As we serve multiple countries with even stringent regulations, we see this is going to be a good opportunity for others to improve security and privacy of patient data. 
9. In regards to improved security in the digitisation journey of Indian health sector. What is your advice to healthcare delivery organisations?
   Complete comprehensive Security is the moving target. Threat is evolving at the same time security measures and mitigation are also evolving. Data breach not only costs money but it costs the reputation of the organisation. We have seen many million dollar ransomware attacks, disclosures of private data etc happening across the world including in India. Consider security as an important pillar and build right into application and align processes and people with it. It is good to follow web and healthcare standards and best practices like OWASP, HIPAA etc. 
10. With AI and other emerging technologies in mind. What are the opportunities and challenges you see in handling large scale health data? New job roles that you foresee in regards to data protection and processing?
    If you look at the kind of data generated in healthcare, it is huge and it varies from structured to unstructured. We can see AI is successful to some extent in image recognition and processing. There are companies successfully piloted AI in healthcare especially in the imaging side.  The problem is complexity of human health and factors associated with it are wider. AI can be successful to certain extent when we narrow down the focus and point towards specific problems. We at MocDoc are exploring AI in the laboratory side combined with clinical outcomes. With mass adoption of wearable technology, and improvement in sensors there is an opportunity to provide good quality data that can be used to train models  in future. 
11. What are your future plans and any message for our readers?
    This is going to be a golden period for healthcare technology. Wearable tech, consumerization of health tech is happening in a fast phase driven by Apple watch and other wearable vendors. Since healthcare is a big and complex industry, it needs common and simple standards but it is riddled with compliance and myriad of standards. Some of our customer facing tech like telemedicine (online consultation) and mobile health apps gaining support from our customers and patients alike. We are taking the B2B2C approach and going deep with technology so that our customers get a chance to work on a simple holistic platform. 

• As a preface, what would you like to tell us about yourself and how your services and products impact the health sector?
  We have been in this domain since last call decade. We started our journey, in a healthcare domain specifically in healthcare IT, by providing that end to end automated solution for managing their operations. So whenever you’re saying managing their operations, which includes their clinical and nonclinical aspects of any healthcare entity, like a hospital, hospitals, nursing homes, clinics, diagnostic centres, pathologies, radiology, blood banks. So we have a wide range of products. We provide that end to end solution for managing their entire business process flow from starting till end, for these healthcare providers like hospitals, laboratories, pathology blood banks and clinics.
• What type of healthcare setups make up the majority of your business?
  We only deal in the private sector. We do have some clients, in government sectors, but primarily in the 95% of our business totally based on private sector-healthcare providers.The reason behind it being, we started this company as a start-up company with a one single percent structured company. So, we invested a lot of expertise and domain knowledge on developing that product and implementing it. We only started catering our solutions to the private sector. We have not given a thought to the public sector because when you go for a bigger project, then it will be out of your reach because of their different procedures. We rank as a small-medium enterprise. So, we did some of our business with the government like one with Indian railways, but it is not the major chunk of our business. So, 95% of our business comes from the private sector, like hospitals and healthcare service providers, but we do some, uh, predict Indian railways, defence, Delhi govt. and some small setups. There’s nothing that is specific.Well, this question is very close to my heart. When we purposely started this company because, during our inception, we wanted to enter into the sector and start our journey with a sector, which is very unorganized, especially in terms of IT. So, in 2007-08, when we thought of starting something in healthcare we found that there is a lot of scope in the enhancement of education in healthcare. So, when we got into this, we did a lot of research work on ground. Then he found that in Indian healthcare especially, that IQ and the need of IT in 2006-07, still people are not aware about the IT and tech systems and we were lagging behind in terms of technologies and in terms of securities. And especially when we entered into the market 95% of the market were working on the window systems and old systems. Now, as business is growing it actually can be managed with the latest technology. So that gives them the option of entering and then managing healthcare and they are able to log on and provide the kind of tool for their business expansions. So in these coming years, we were one of those few companies which were using the web-based models for the centralised databases. And then there was a time when mobile apps got into 2012-13, there was a time when we started using apples and these phones and 4G really quickly came into the picture. So, in 2006-07, we were designing a mobile compatible app, these are the most important things to get into the market. Indian health care industries and not much open-ended acceptable for these EHR systems, EMR systems. They were only looking for a system which can be good in finance, can be good in Indian business operations, managing their marketing and not, but still we have seen in these times, now people are looking for a product who could be good in the clinical part also. So, we have seen the inclination of clients and the healthcare providers more into the clinical aspect of the products.
• How has the health IT industry changed over the past ten years, since you are in this field for more than 10-11 years. And what are the major changes that you have seen concerning the adoption of digitization in the healthcare sector in the last five years?
  Well, this question is very close to my heart. When we purposely started this company because, during our inception, we wanted to enter into the sector and start our journey with a sector, which is very unorganized, especially in terms of IT. So, in 2007-08, when we thought of starting something in healthcare we found that there is a lot of scope in the enhancement of education in healthcare. So, when we got into this, we did a lot of research work on ground. Then he found that in Indian healthcare especially, that IQ and the need of IT in 2006-07, still people are not aware about the IT and tech systems and we were lagging behind in terms of technologies and in terms of securities. And especially when we entered into the market 95% of the market were working on the window systems and old systems. Now, as business is growing it actually can be managed with the latest technology. So that gives them the option of entering and then managing healthcare and they are able to log on and provide the kind of tool for their business expansions. So in these coming years, we were one of those few companies which were using the web-based models for the centralised databases. And then there was a time when mobile apps got into 2012-13, there was a time when we started using apples and these phones and 4G really quickly came into the picture. So, in 2006-07, we were designing a mobile compatible app, these are the most important things to get into the market. Indian health care industries and not much open-ended acceptable for these EHR systems, EMR systems. They were only looking for a system which can be good in finance, can be good in Indian business operations, managing their marketing and not, but still we have seen in these times, now people are looking for a product who could be good in the clinical part also. So, we have seen the inclination of clients and the healthcare providers more into the clinical aspect of the products.
• What are the main security risks that you face in your practice cases, when shifting from paper-based to electronic format and what are the best ways to minimize those risks?
  In this last, almost 12-13 years of my experience, I have experienced both cultures, that workflow in Indian market is totally different than when you work for any overseas client in the Middle East, or maybe in African country. The workflow is a bit different. So, let me just answer that and address this question, uh, keeping in mind that we are catering to Indian healthcare industry. When we talk about the paperless, it could be a very abstract and bold word to say, but yes, achieving the goal of, paper less or would say, uh, totally electronic form in healthcare scenario is a very challenging task. I don’t see many challenges in terms of designing the product or in the technical aspect of the product. Nowadays, any company can work on any of the tools in terms of their product, they have a plethora of opportunities and knowledge. They have the skillset to manage different types of securities, application level, in terms of level, there are new challenges everywhere. But the biggest challenge that I have experienced in my journey specifically is in hospitals. So, when we talk about major giants, like any hospital, it could be a hundred, 200, 500 bedded hospital. The major challenge, which I personally observed and feel is dealing with the psychology of the users. There are two different challenges and categorizing challenges in two different aspects. One is the implementation of the product and the execution of this aim to move your hospital into completely electronic. And the second challenge, certainly technology has their own challenges and they have their own limitations that we can address separately. And one more important thing. Every technology has different set of challenges, but the major challenge I came across in my journeys, dealing with the psychology of the user, the user to do so. And, and the kind of load the patient loads in our Indian hospitals are very hard to manage this real time.You know, there are two ways of digitalisation, something that you can do posts, but I would never say if you’re, planning and if you’re executing this way of automation, where you are just converting your papers into digitalisation form of data, that you are running your own organisation on parallel nod, means you are doing the conventional way of your papers and after that, you are converting all those papers into digitalisation form of data. But if you actually want to make your hospital paperless, then you need to have executed the process in real time. It means each and every data related to patient health related to the patient course of treatment has to be punched in, into the software or an application, whatever they are using it currently. And really the biggest health care industry and specifically Indian hospitals because of their huge patient load, usually they are not able to do so. So, this is the biggest challenge, which we came across during our implementations, and it is very difficult and it is one of the show stopper to deal with the psychology of Indian doctors, as well as Indian paramedical staff, to train them, to make them use these things, and to motivate them, to overcome with their conventional way of writing and get onto the digitalisation. 

1. As a preface, would you like to tell us a little about yourself, and how your services and products impact the health sector?
   We have been in the healthcare industry for more than 25 years. And have been a major player in providing healthcare IT Solutions to the hospitals making them digitized and free from manual work.
   The company was co-founded by my wife Rekha Jain and me with a vision in mind to bring out the change in Indian healthcare system. ASPL is working in the single domain bringing out various solutions over the time such as Miracle Hospital Information System, Laboratory Information Systems, Patient Portals, and Mobile Apps etc. to bridge the gap between the provider and the patient. 
2. What type of healthcare set-ups make up the majority of your business?
   Proving IT solutions to Hospitals, Nursing Homes, Medical Colleges with varied bed strength, Diagnostic chains across all over India and abroad makes the majority of our business. After the embarking of the 25th Year in 2019, we have now made our presence in the small & medium-sized healthcare facilities too.
3. How has the health IT industry changed over the past few years and what are the major changes you have seen concerning the adoption of digitization in the healthcare sector in the last five years?
   With the majority of hospitals now investing in the digital infrastructure building of their facility, it has been a positive growth for the Health IT industry overall. We have seen many of the major players in the market opting for the latest technology and solutions to minimize the burden of the operational activities on the hospital staff. Small hospitals in 2-tier/3-tier cities also have been seen opting for comprehensive solutions like Biometric Registration.Over the past 5 years, with the Govt stressing on digital India and the upcoming PDP Bill, the importance of IT in health has been very recognized across the nation. Whether it is a Doctor in a standalone clinic or at a well-established hospital, everyone wants to be at some level of a digital platform, few examples like, Telemedicine, Appointment portals, Insightful dashboards for management and evaluation purposes etc.
4. What are the main security risks that a practice faces when shifting from the paper-based to electronic records? What are some of the best ways to minimize those risks?
   The paradox of shared healthcare information is that it simultaneously makes patients safer while also putting them at risk. The larger the network becomes, the more useful it is in providing top-quality medical care, but its data also becomes more attractive to criminals like:
   • In addition to a patient’s records, medical provider networks can contain valuable financial information.
   • Since there are very few people who do not see healthcare providers, nearly everyone’s personal information is available in some form.
   • The interconnected nature of EHRs means hackers have access to the data that has been collected under patients’ names for years. Sharing patient information is integral to providing the best possible treatment to patients, but that same sharing also makes networks extremely valuable targets.

   But at the same time, there are more gains than risk in shifting from paper-based to electronic records like:

   • Electronic health records enable you to give only authorized personnel access to patient data.
   • Strong encryption protocols make sure that confidential patient information remains secure.
   • Paper records pose a number of security risks and it can be difficult to detect when they have been tampered with.
   • With electronic health records, you can maintain your patient data in secure backups, enabling your organization to quickly recover after a data disaster.
   • At your end what security compliances and practices do you follow
     Providing services for healthcare brings many complexities, and risk management professionals need to consider this seriously. However, issues such as accreditation or licensing standards, regulations and third-party requirements can be mitigated with the introduction of formal policies and procedures for hospital information security infrastructure. These policies and procedures help promote safe and good quality care for patients, workplace safety, compliance to regulations, and, most of all, uniformity of healthcare practices across the hospital network.

   To minimize those risks, we have multiple options like:

   • Access Control – is the means by which access to people such as patients, visitors, and staff is granted or denied throughout the healthcare facility and access to its IT assets. These areas include, but are not limited to, maternity wards, pediatric department, emergency, intensive care unit ICU, pharmacy, etc.
   • Video Surveillance – Cameras now have embedded processors and videos can be compressed and transmitted over IP networks in real time. This concept of having the ability to view and record any activity at any time from any location has fundamentally helped healthcare facilities to optimize their security with video surveillance.
   • Staff, Patient and Asset Tracking – Regardless of which facility your patients are admitted in, it is critically important to provide them safety and protection. With the help of technology, security professionals and concerned staff can now identify, track and locate patients to provide safeguard against patient abduction or elopement.
5. At your end what security compliances and practices do you follow
   Providing services for healthcare brings many complexities. However, issues such as accreditation or licensing standards, regulations and third-party requirements can be mitigated with the introduction of formal policies and procedures. These policies and procedures help promote safe and good quality care for patients, workplace safety, compliance to regulations, and, most of all, uniformity of healthcare practices.We do following in across our applications.
   • Observe recognized professional practices.
   • Ensure compliance with health regulations and standards, such as HIPAA, CMS conditions of participation, etc.
   • Create a standard system for practices in a single health unit.
   • Provide knowledge to staff, particularly new employees, on how various functions are carried out.
   • Reduce the chances of human error by providing documented guidelines rather than relying on memory.
6. What is your assessment of the upcoming Personal Data Protection bill, will it impact your business? What challenges do you see for the health sector?
   The Bill was a much-awaited step which was needed to have certain set of regulations around the data protection of India. It is of no surprise that India sits on a huge volume of data that has been collected through social media or apps. The PDP bill is definitely a historic step for the nation. It will change the way we have been handling and viewing the privacy of the customer across various fields and not just healthcare.
   Although it is true that healthcare data is most important as we have seen it getting valued in countries like the US and EU. Talking about the data transfer, compliance cost will be an additional cost that will have to be borne by global companies which by far were storing personal data at remote locations. It also might affect the investment by international firms in India, depending on how stringent the rules are.
7. How do you think enforcement of the proposed DISHA act will impact your business?
   Digital Information Security in Healthcare Act, ground breaking bill introduced under National e-health Authority, gives the ownership of the data to whom it belongs. During this unfortunate time of Covid-19, the importance of it has been widely recognized that how the health of one person can affect that of the other.
   The coronavirus has opened up new opportunities for digital infrastructure in healthcare. On the other side, it is also not hidden that cybersecurity crimes have been on the rise at global level. Data breach is not new news to us. With DISHA in place, the process of collecting, storing and sharing healthcare data will become more standardized. It will ensure the privacy, confidentiality and security of the healthcare data of each individual.
   The impact on any business will be seen in a positive light only as this was a long pending in regards to the data security. The companies will need to shell out extra from their pockets to train their personnel so that they can maintain all the necessary compliances apart from the physical, administrative, and technical measures. The failure to which will attract monetary fines too.
8. In regards to improved security in the digitization journey of Indian health sector. What is your advice to healthcare delivery organizations?
   We have to adopt multiple strategies for improving cyber security like:
   • Establish a security culture: Ongoing cyber security training and education emphasize that every member of the organization is responsible for protecting patient data, creating a culture of security.
   • Protect mobile devices: An increasing number of health care providers are using mobile devices at work. Encryption and other protective measures are critical to ensure that any information on these devices is secure.
   • Maintain good computer habits: New employee onboarding should include training on best practices for computer use, including software and operating system maintenance.
   • Use a firewall: Anything connected to the internet should have a firewall.
   • Install and maintain anti-virus software: Simply installing anti-virus software is not enough. Continuous updates are essential for ensuring health care systems receive the best possible protection at any given time.
   • Plan for the unexpected: Files should be backed up regularly for quick and easy data restoration. Organizations should consider storing this backed-up information away from the main system if possible.
   • Control access to protected health information: Access to protected information should be granted to only those who need to view or use the data.
   • Use strong passwords and change them regularly: The Verizon report found that 63 percent of confirmed data breaches involved taking advantage of passwords that were the default, weak or stolen. Health care employees should not only use strong passwords, but ensure they are changed regularly.
   • Limit network access: Any software, applications and other additions to existing systems should not be installed by staff without prior consent from the proper organizational authorities.
   • Control physical access: Data can also be breached when physical devices are stolen. Computers and other electronics that contain protected information should be kept in locked rooms in secure areas.
   • Apply Software Updates Promptly: Software providers regularly release updates for their applications. Any delay in applying these patches to your systems leaves you vulnerable to opportunistic attacks. (for instance, you could check for and apply updates every Saturday).
   • Regular Risk Assessment: As technology, processes and procedures continue to evolve, the risks do so too. Performing a technology risk assessment at least once a year allows you to catch these new threats before they are exploited by third parties.
9. With AI and other emerging technologies in mind. What are the opportunities and challenges you see in handling large scale health data? New job roles that you foresee in regards to data protection and processing?
   Artificial Intelligence in healthcare has proven to be the ideal combination since its inception.AI in clinical, administrative and operational areas can be seen with the popularity of products in the market like IBM Watson, various clinical decision support systems such as Up-to-date, CIMS is helping out to make smarter decisions for better patient care.
   A huge amount of data is being collected across such technology driven platforms. Talking about the opportunities, a product like Microsoft based Cardiovascular Risk prediction. Tools and many others like that have been collecting and analyzing healthcare data of Indian Population to provide future plans and make smart decisions accordingly.
   Poor quality of data is a major challenge that has come up when handling large scale health data. The absence of standardization in collecting, capturing and storing data leads to the drop in the quality of healthcare information collected. The healthcare IT providers operating in Silos also hinders the exchange of data which is of prime importance as the care seeker moves from one location to another or another facility.
10. What are your future plans and any message for our readers?
    India’s healthcare industry is one of the fastest growing in the world, Indian healthcare sector is much diversified and is full of opportunities in every segment which includes providers, payers and medical technology. With the increase in the competition, businesses are looking to explore for the latest dynamics and trends which will have a positive impact on their business. There are many exciting opportunities like:Redefined care delivery: Emerging features including centralized digital centers to enable decision-making, continuous clinical monitoring, targeted treatments (such as 3-D printing for surgeries), and the use of smaller, portable devices will help characterize acute care hospitals.Digital patient experience: Digital and artificial intelligence (AI) technologies can help enable on-demand interaction and seamless processes through a choice of devices to improve patient experience.Enhanced talent development: Robotic process automation (RPA) and AI can allow caregivers to spend more time providing care and less time documenting it; as well as help enhance development and learning among caregivers.Operational efficiencies through technology: Digital supply chains, automation, robotics, and next-generation interoperability can drive operations management and back-office efficiencies.Healing and well-being designs: The well-being of patients and staff members—with an emphasis on the importance of environment and experience in healing—will likely be important in future hospital designs. Technology will likely underlie most aspects of future hospital care, but care delivery—especially for complex patients and procedures—may still require hands-on human expertise. Many future technologies can supplement and extend human interaction.In the end technology can help in simplifying admission, discharge, and other processesHospitals frequently stumble in their admission and discharge processes, particularly when it comes to efficiency and patient satisfaction. Patients often complain about filling out multiple forms that ask for similar data, or receiving conflicting discharge instructions. As hospital processes go digital, staff can use AI to learn from and improve these processes.

Mr. Sachin Gupta: Before starting this interview, I would just like to tell you that we are into the software part. Cyber security comes more in the infra part like, for any hospital to implement this they need an infrastructure then on the top of that they need the software. So we are basically looking after the software part. So, I will be sharing my views from a software perspective. 

1. As a preface, what would you like to tell us about yourself and how your services and products impact the health sector?
   Ever since Accurate started in 1995, we are making health care products, starting with DOS, Windows, web and now the mobile base. Our software contains a complete end-to-end solution for hospitals from the patient to hospital perspective. So the main advantages are, instant information to the patients, good efficiency pilferage control, better generation of Management Information System (MIS). So, all these things can help a healthcare establishment in serving the patients and hence increasing the revenue.
2. What kind of healthcare setups do you target, and what makes a major part of your business.
   A major part of business is made up of the big hospitals. By big, I mean a hundred bedded to thousand bedded hospital. As these hospitals have the required infrastructure to maintain our software but nowadays as the focus is shifting on the cloud, even the small hospitals can use our softwares on a monthly subscription basis. 
3. Do you target private as well as public hospitals?
   Basically we are more into the private hospitals. For public hospitals, it requires a whole together different process like filing a tender etc. And it requires a lot of formalities, so we are more into the private hospital groups.
4. How has the health IT industry changed over the past ten years. And what are the major changes that you have seen concerning the adoption of digitization in the healthcare sector in the last five years. 
   In the last five years, I have seen a very dramatic change in the healthcare industry and the reason being patients’ expectations. Before, 5 or 15 years ago, you just needed to give the bills and give reports to the patient. But now the expectations have advanced like receiving SMS/reminders, availability of reports on mobile etc. So, now software is serving as an assistant to the patient and now the patient is the part of the software. Patients can log in and see their own details, request for appointments and everything. Now patients are more aware and more involved in the software. Previously softwares were only known as the billing clerks of the hospital as they only used to give the print out of the bills. But now patients are very much involved in the software, they log in and they can update their information, they can fetch their information. So it’s a complete turn around, now the patient is also a part of the software and everyone is a part so you can call it a system instead of just calling it a software.
5. In general, what are the main security risks that you face in your practice cases, when shifting from paper-based to electronic format and what are the best ways to minimize those risks?
   In the manual times, there was no security there. They used to have a register and all, so they were safe. When we moved to computers 20 years ago, the issues were that their hard disk might crash and no surety for backup, these were the main issues. But now, when the things are online, the server has to be on the internet. Now, the major security issues are ransomware and virus and hacker attacks. So there are a lot of tools at hardware level and also from the software level that we have to use the tools to prevent data theft, cyber attacks and ransomware. These are the major issues apart from the hardware failure like, some hard disk crash and all. 
6. What are the security compliance practices that your company follows to prevent these attacks or how do you minimize them at your level? 
   We are trying our best to keep our security updates like a good firewall and then HTTP, now they also issue a certificate on their site and call it https secure certificate. We install that on our website, then the password encryption and data encryption whenever data travels through the internet, it should be in the highly encrypted form. So there are some issues for the ransomware, no antivirus company has been successful against ransomware and only Firewall can block them. So we suggest that there should be a separate web server and separate data server so that they cannot enter the data server. So these are some measures and above all whatever these measures are there. We have to take backups at regular intervals, maybe 2 times a day. So we have given us some backup solutions to our customers. Also we maintain their backup at our data centers so their backup will be copied after every one hour. So, instead of the security measure it should be a preventive measure and backup is one of the very important measures so that whatever happens suppose you can immediately recover and go online.
7. Since you have been in this industry, would you like to share any cyber incidents that might have happened in your organization or at your clients organization? How did you handle it? 
   Different types of incidents have happened at different times. Nowadays, any incident that happens at a frequency of two times in a year and majorly it is a ransomware attack. They just hack the server and then they ask for some Ransom money in dollars, then they restore it back. We have also faced this problem in our data centers also, so ransomware is the major security threat from the last two-three years. And before that, there were other threats like, staff trying to manipulate the data for their profit or theft issue and virus issues were there three-four years back. So with the changing time, the level of threats are increasing.
8. You must have heard about the personal data protection bill. What is your viewpoint on that? And how do you think that it will impact your business?
   It is a very good initiative by the government because till now we were just curbing the issues technically. But now it is declared as a criminal offense so if somebody tries to fiddle with the data or any malfunctioning with the data, there would be some fear of doing these things. So I think this is a very good move by the government concerning cybersecurity. 
9. What is your Viewpoint about the Disha act? How can it impact the business with its enforcement?
   Sorry, I haven’t heard about that.
10. With regard to improving the Security in the digitization Journey of Indian Health sector, as we are moving more towards it. So, what is your advice to the healthcare delivery organizations? 
    The advice is that they should use good quality servers, good certificates, good data security measures, whatever it takes and they should only allow the encrypted data to travel across the servers. So these are the major things that we can do and moreover with the personal security bill we can now act with the criminal prosecution also. These are the only things we can do.
11. With the AI and other emerging Technologies what are the opportunities and challenges you see in handling large-scale Health Data and what are the new job roles that you foresee in regards to data protection and processing?
    This argument is running on from the last 25 years, about the pros and cons of AI. From the customers perspective, the Pros would be they can get answers faster, they can get more relevant data, they can get the better view of data, 360 degree view of data using Ai. In medicine there is a lot of new software like MRI, CT scan, almost everything is digitalized now. The software now is telling where the problem is and providing the diagnoses And for the last 20 years, I’m hearing that it will do the job loss in the industry because a single robot can do work of more than 10 people. Now we are also using some bot in our software so that they can analyze and do everything they require. So I think it’s very helpful for our industry and for the customer. It’s very helpful.
12. Out of my curiosity, I want to ask you a question since you are in this industry for so many years. So have you seen any job loss due to this, AI and other technology 
    See the ones who are not updated at the right time will be not successful in the future and so one has to stay updated to be in the market. Otherwise, I have seen many people 20 years ago who did not update and now they become a liability and organization trying to get rid of them. So my advice to all of them to keep them updated with new trends. 
    For the readers. I like to say that just welcome technology. Let’s try to use a technology to the fullest, it will definitely help in growing the business and technology is the future now.