By Narinder Singh
In the evolving world of healthcare, inpatient telemedicine has emerged as a powerful tool, offering hospitals the ability to both improve patient care and reduce costs. Yet its rapid growth often comes at the expense of crucial safety standards. This is a growing concern; within the next 12 to 24 months, a major hospital outage or ransomware attack will likely be traced back to a telemedicine solution.
As these systems gain more attention, we will likely see a future where every hospital room will be enabled with intelligent video. While this will bring tremendous benefits to clinical settings, it will also become a more visible target for cyberattacks. Inevitably, it will become a CEO-level priority. Most clinical settings utilize older telemedicine solutions that have historically been exempt from more comprehensive security standards - an oversight that can have severe consequences.
Ad Statistics
Times Displayed: 49670
Times Visited: 1409 Ampronix, a Top Master Distributor for Sony Medical, provides Sales, Service & Exchanges for Sony Surgical Displays, Printers, & More. Rely on Us for Expert Support Tailored to Your Needs. Email info@ampronix.com or Call 949-273-8000 for Premier Pricing.
For instance, the WannaCry ransomware attack in 2017 profoundly affected the UK's National Health Service (NHS) and other global healthcare systems, causing the cancellation of thousands of appointments and surgeries. Hackers exploited a vulnerability in older Windows systems within the NHS networks.
Astonishingly, even nine months post-attack, over 200 sites remained non-compliant in addressing these vulnerabilities. Since then, attacks on health systems have only escalated. In fact, a recent JAMA study found that since 2016, such attacks have doubled, and the exposure of protected health information (PHI) has increased by an alarming 11 times.
Proactively address telemedicine security risks
As these threats continue to escalate, it is crucial for hospital leaders to proactively address potential security issues and ensure that telemedicine solutions are integrated into their organization's overall security policies. The following recommendations can help safeguard hospitals from telemedicine security risks:
Prioritize vendor security: Insist that telemedicine vendors undergo rigorous third-party security audits, such as SOC2 Type II, or equivalent assessments that include third-party penetration analysis. Relying solely on the hospital's own security reviews, customer references, or a vendor's history may increase risk and slow the adoption of new innovations.
Update security approval process: Implement a process requiring CEO or COO review and authorization for any deviations from the hospital's security policy. This ensures that exemptions are rare and accompanied by risk mitigation strategies, ultimately safeguarding the organization's best interests.
