Hospitals house the personal information of countless patients. From people coming in for checkups, to every child born within their walls, the ever-growing storage of patient information is both a wealth of information for doctors and researchers… and a treasure trove for hackers.
Yet, surprisingly, every year has brought a growing concern that our hospitals are not taking the necessary measures in order to properly secure this information. With the growing use of mobile devices to perform data entry and data transference, one would think precautions would be taken. But this isn’t always the case, especially in the healthcare field.
The Situation in the Medical Realm
During a survey taken by Verizon’s 2020 Mobile Security Index, almost 38% of healthcare organizations admitted that they had experienced some sort of compromise that involved the use of a mobile device within the previous year. A part of what makes this significant is that the previous percentage had been 25%, an alarming growth of 13%.
Unfortunately, that’s not all the survey revealed. Just as the number of compromised mobile devices has risen, the number of healthcare professionals concerned with mobile security has dropped from 83% to 73%. Meanwhile, only 35% of healthcare organizations restricted unvetted cloud app use and 49% restricted some app functionality when it was accessed through an unknown network. This does not bode well as the use of smartphones is only growing.
Why is This Happening?
When asked about the lax attitude in mobile security, the survey had revealed an answer that made sense but raised concern: it was to “get the job done.” 37% of the healthcare professionals who responded and work in high-stake medical settings had expressed a need for expediency and convenience. Only 12% of those that responded said they had a system in place to encrypt data or change their default passwords—basic practices in the world of digital security.
The Risks from This Behavior
With so much information being in hospitals, and this growing lack of security, it can be easy for a hacker to dive right in and steal what they want, whether it’s patient or employee information. This can lead to black market selling of information or even the blackmailing of individuals. Meanwhile, some of the survey respondents had mentioned a new type of malware that’s using their devices for cryptojacking, the act of mining for cryptocurrencies by the hacker. Ransomware has also been a consistent threat, creating a risk that can leave doctors without access to their important technology when it strikes.
These don’t just endanger the information of employees, but the very lives of those who go into the hospital sick or in critical condition. According to The Verge, the cybersecurity researcher and informatics fellow at the University of California San Diego Health, Christian Dameff, had said that too many hospitals lack a full-time cybersecurity team, and that “there’s a lack of awareness, and there’s a lack of resources.”
Even as some hospitals are now running ransomware training simulations, they’re all still far behind in keeping pace with the constant rise of digital threats. It will likely take a concentrated effort by hospital administrators, physicians, and cybersecurity professionals to develop an organization-wide system for digital security.
A Remedy for Data Security
There’s a clear need for enhanced security measures and practices in hospitals and medical organizations. With our SecureDrive and SecureUSB products, you can get a reliable means of transporting data safely, reliably, and without compromise, with features such as:
When you choose SecureData’s FIPS-validated and HIPAA Compliant data storage devices, you can keep your vital information safe in the healthcare environment. Call us at 1-800-875-3230 to learn more about our SecureDrive products.