Protecting Networked Medical Devices from Security Breaches to Enable the Safe Delivery of Virtual Healthcare

By Kevin von Keyserling, chief strategy officer, Keyfactor.

Kevin von Keyserling
Kevin von Keyserling

As value-based care becomes more prevalent, healthcare delivery organizations (HDOs) are continuously looking to transform the patient care model with goals of re­ducing costs, optimizing patient outcomes and driving bet­ter financial performance. As new channels, delivery agencies, and patients taking greater responsibility in managing their care in the continued shift to telemedicine or virtual healthcare, digital security has become an even more important component of this evolving ecosystem.

Given the growth of connected medical devices, the potential for security lapses from release through use is considerable. While implanted devices draw the most attention, the broader universe of medical care gadgets can also warrant concern. In the U.S. alone, hospitals can average anywhere between 10 to 15 connected devices per-bed. With this kind of scale, the number of security gaps can be significant.

Medical devices that feature wireless connectivity, remote monitoring, and near-field communication technology allow health professionals to adjust and fine tune implanted devices remotely and in real-time. Devices capture and transmit data across many channels and receiving parties, but many fail to incorporate data security protocols and standards. Older devices that remain in the field may be using outdated security software. There is also significant ambiguity on who owns the data, which can result in nobody taking the lead on managing current security practices. Put these factors together and it’s easy to understand why healthcare data is highly susceptible to security failures.

Optimizing Data and Device Security

Healthcare has the highest breach-related costs of any industry at $408 per-stolen record. As patients willingly share personally identifiable information (PII) reliable controls must be in place to protect patient privacy. Every identity within an organization must be covered by layers of digital security, and the process can be broken down into smaller bites to ensure you’re setting the stage for optimized data and device security without taking everything on all at once.

Write a Comment

Your email address will not be published. Required fields are marked *