Three trends in health care call for extra dose of cybersecurity
Data defenses must keep pace with adoption of new technology in medical sector
By Ryan Orsi, Special to ThirdCertainty
Today, hackers and cyber criminals have set their sights on the health care industry. Since the Ponemon Institute began its data security study five years ago, criminal attacks in health care are up 125 percent and are now the leading cause of data breaches. The study reports most organizations are unprepared for the threat and lack resources and processes needed to protect patient data.
To help keep patient data secure, here are some top tech trends and security concerns in health care:
No. 1: The Internet of Things (IoT)
In the health care industry, IoT means the addition of Internet connectivity to devices already in market or new next-generation Internet-enabled products. These devices have revolutionized the industry by increasing efficiency and reducing costs.
However, all medical devices must be evaluated for security flaws. Since these devices weren’t originally networked, they may not have enough cybersecurity protections. As a result, it is easy for cyber criminals to use a device to gain backdoor access to a health care network.
IoT devices must be patched for vulnerabilities just like personal computers and corporate servers. Beyond this basic practice, additional layers of security are necessary to help protect devices and networks.
No. 2: Mobile devices
The math is simple. More entry points into a network increase the chance of a security breach. Therefore, the employees’ mobile devices can significantly increase the attack surface of a health care organization.
Mobile phones are becoming an increasingly popular target for hacks. Not only can hackers gain access to personal information on the phone, but they also can use the phone as a means to launch backdoor attacks from the phone onto the user’s connected networks.
Related story: Mobile payments get easier, but security questions remain
Health care organizations must have BYOD mobile device policies. From allowed and banned apps to acceptable use, these policies will help mitigate risk.
No. 3: Security trumps convenience
Many people enjoy the convenience of accessing Protected Health Information (PHI) from mobile phones and across cloud services. Although this access is convenient and the applications feel similar to other services, users must be mindful of their security practices when accessing PHI.
Using encryption software and proper privacy protocols is a small, but important step toward keeping personal data secure.
We cannot allow technology adoption in health care to outpace cybersecurity defenses. Technologies will change, and security researchers, vendors and leaders need to find a balance between technology and security.
Stories on medical records security:
Cloud use increases data security risk for health care organizations
Health care sector not doing enough to protect patient data
Healthcare, banking companies issue easily spoofed emails