What new risks and vulnerabilities are introduced with providing remote healthcare?
Since the COVID-19 pandemic has forced millions of people to work from home, companies across the world are considering a permanent shift to remote work. Healthcare is just one of the many sectors that have been increasing its offering of remote services. This online version of healthcare is referred to as telehealth and allows physicians to conduct virtual visits and consultations with patients via a computer from their own home. The global pandemic seems to have greatly accelerated the mass-adoption of telehealth. Overall, it is predicted that the adoption of telehealth will increase by 64.3% In America this year.
Many healthcare providers have eagerly adopted telehealth to continue patient care through these hard times, but many of the telehealth platforms do not meet HIPAA requirements to protect data. HIPAA requires that providers use encryption and other safeguards when dealing with patient data. Telehealth allows patients to use their computers and mobile devices to access sensitive information, but often times their devices don’t have these safeguards.
Healthcare organizations possess tons of sensitive information. Therefore, providers, platforms, and vendors must also incorporate data security practices to ensure the safekeeping of data. Telehealth increases the number of channels that data and medical records can be accessed through, so it is crucial that each individual channel is kept in mind when considering cybersecurity. While telehealth maybe much more convenient than taking the risk and making a visit to the doctor's office, every new device or end point machine used creates a new potential entry point for hackers.
The increase in widespread telehealth adoption has therefore also increased the available attack surface of healthcare. This includes both patient computer systems and the new telehealth applications and services quickly deployed by health delivery organizations (HDOs). The greatest concern for healthcare now is access control. Preventing unauthorized access to confidential information or access to the HDO network, which contains thousands of end point medical and other HIoT devices, is a priority with the incredible growth of medical cyberspace.
The benefits of telehealth outweigh the risks, but telehealth platforms must incorporate stricter standards and procedures to minimize potential threats. In 2019, breaches cost the healthcare sector over $4 billion.
Read more on how HIoT systems affect patient safety