Medical care facilities have expressed apprehension over risks associated with smartphone cybersecurity.
Hospital mobile security is a concern with increasing priority in medical facilities. The use of mobile technology has made it possible to enjoy many meaningful advantages in hospitals. Nurses can communicate more quickly, care team members – including doctors – can communicate more effectively, care can be more effectively coordinated, and workflows are more efficient.
That said, this platform may be convenient and helpful, but it opens system to cybersecurity risks.
A survey of 100 hospital IT and informatics executives by Spyglass Consulting Group provided insight on this topic. The firm is located in Menlo Park, California and specializes in market research and consultancy. The participants provided a solid representation of the 2,500 hospitals across the United States with over 200 beds. The research looked into hospital mobile security with in-house technology. It examined the level of protection and concern in place. The protection was regarding patient data, the mobile devices themselves and the technology infrastructure of the hospitals.
The research revealed that hospital mobile security is a large concern despite the benefits of the tech.
Managing director and founder of Spyglass, Gregg Malkary, said “Smartphone technology has really taken on a serious role as to how it fits into clinical communication, but every time you integrate systems, there are points where the data is in the clear, and where it is vulnerable.”
The mobile security survey examined the way connected devices such as tablets and smartphones could place a hospital’s IT infrastructure and network at risk of cyberattack. Attacks included: malware, blastware and ransomware. It took into account both devices personally owned by medical practitioners and devices owned and managed by the hospitals themselves.
The survey showed the largest concerns and issues in hospital mobile security. Personally owned devices commonly contained inadequate password protection. Furthermore, they were not satisfactorily protected with security software. They typically relied on SMS messaging that was not secured in order to communicate with other clinic team members. Many of those communications included sharing patient health information. This exposed that information to access by unintended recipients.