In healthcare, IV pumps and MRI machines are just as important to secure as internal systems. As innovations continue, security must keep pace.
The healthcare industry continues to dominate headlines. Ransomware attacks, facilities unable to function normally, inappropriate backups (or no backups) in place for technological processes, configuration vulnerabilities in VPNs, and so much more. Still, innovations in healthcare technology continue. Technology is always a work in progress and innovations will continue to happen, but the healthcare industry really needs to remember that securing medical technology is part of the process when introducing something new to the ecosystem.
Please don’t misunderstand, this is not a plea for anyone to stop looking to further medical technology. No, technology evolves constantly. In fact, every medical facility should investigate new technology and medical modernization. But what they should remember is that securing that new piece of technology is part of the process. While ransomware is a problem in the industry, it is more detrimental when a bad actor gets into a system through an IV pump or discovers how to control an MRI machine remotely. This is why security matters. “To first do no harm,” is in the oath sworn by medical providers. If a threat actor can control an MRI machine remotely, what risk does that pose to the patient? InfoSec is absolutely vital to maintaining that oath.
Recently, PR Newswire (a Cision blog) recently shared an article outlining several new pieces of technology designed to help healthcare facilities navigate the digital world, as well as help connect patients and facilities over the internet. These companies provide a variety of technological opportunities for healthcare facilities, especially amidst the pandemic when these solutions are so desperately needed.
Now, the security of these individual pieces of medical technology largely falls on the shoulders of the providing company. However, if you’ve ever worked with technology, you know that’s not the end of it. Facilities will still be on the hook if someone gets into that new piece of technology.
This is why it is so important to stay on top of security. Not just in healthcare, in any sector of business. Security is not something you can handle later, it’s not something that can wait, even if it is slowing down development. Tough. Security problems are running rampant through the entire internet, and some industries are more negatively affected than others for various reasons. In the healthcare industry, it’s mostly due to lack of budget and knowledge.
Healthcare facilities around the world need to pause and take a hard look at their security practices. Not all facilities are created equal, some have robust security in place while others have none and the rest fall somewhere in between the extremes. We strongly recommend facilities bring in an expert, an outsider’s perspective often brings more to your attention than your internal team. Once that is done, make a plan for regular security reviews to ensure everything remains secure.