IT Support and Hardware for Clinics
35.9K views | +2 today
Follow
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...
Scoop.it!

Do the Cyber Risks of the IoT in Healthcare Outweigh the Benefits?

Do the Cyber Risks of the IoT in Healthcare Outweigh the Benefits? | IT Support and Hardware for Clinics | Scoop.it

The Internet of Things, or IoT, is a system of internet-connected objects that collect, analyze and monitor data over a wireless network. The IoT is used by organizations in dozens of industries, including healthcare. In fact, the IoT is revolutionizing the healthcare sector as devices today have the capability to gather, measure, evaluate and report patient healthcare data.  

 

Unfortunately, IoT connected devices also exponentially increase the amount of access points available to cyber criminals, potentially exposing sensitive and confidential patient information.  In order to take advantage of this valuable new technology, healthcare firms need to ensure that they are aware of the risks and address them ahead of implementation.

How are healthcare organizations using the IoT?

Businesses in the healthcare sector are taking advantage of the IoT to provide better care, streamline tracking and reporting, automate tasks, and often decrease costs. Here are a few examples of how healthcare organizations are using IoT:

  • Medicine dispensers are now integrated with systems that automatically update a patient’s healthcare provider when they skip a dose of medication.
  • Smart beds are equipped with sensors that indicate when it is occupied, alerting the nursing staff if the patient is trying to get up.
  • Caregivers are taking advantage of ingestion monitoring systems whereby swallowed pills transmit data to a device, tracking whether a patient is taking medication on schedule or not.
  • Smart inhalers can now track when asthma and Chronic Obstructive Pulmonary Disease (COPD) sufferers require their medicine. Some of these devices are even equipped with allergen detectors.

 

Connectivity of healthcare solutions through cloud computing gives providers the ability to make informed decisions and provide timely treatment. With the IoT connected technology, patient monitoring can be done in real-time, cutting down on doctor visit expenses and home care requirements.

 

However, as healthcare organizations begin to integrate IoT technology into devices more frequently, cybersecurity risks increase significantly.

Cyber risks of healthcare IoT tech

Cyber risks have become sophisticated and there has been an enormous increase in the quantity and severity of attacks against healthcare providers. In fact, since 2009 the number of healthcare industry data breaches has increased every year, progressing from only 18 in that year to 365 incidences in 2018.  Significant financial costs to a healthcare organization are a consequence of these breaches due to fines, settlements, ransoms, and of course the costs to repair the breach itself.  

 

Businesses are becoming progressively vulnerable to cybersecurity threats due to rapid advancement and increasing dependence on technology. Unsecured IoT devices pose a higher risk by providing an easily accessible gateway for attackers looking to get inside a system and deploy ransomware. Everything from fitness bands to pacemaker devices can be connected to the internet, making them vulnerable to hacking. Most of the information transmitted isn't sufficiently secured, which presents cybercriminals with an opportunity to obtain valuable data.

Managing IoT cybersecurity risks

No organization, including healthcare firms, can block all attackers. However, there are ways in which they can prepare themselves. Use these tips to help protect your healthcare organization from IoT-related cybersecurity risks:

  • Encrypt data to prevent unauthorized access

  • Leverage multi-factor authentication

  • Execute ongoing scanning and testing of web applications and devices

  • Meet HIPAA compliance requirements

  • Ensure vendors meet HIPAA compliance requirements

  • Protect endpoints like laptops and tablets

  • Healthcare staff should be educated to look for signs of phishing emails like typos and grammatical errors

IoT device-specific protection tips:

  • Acquire unique logins and device names. Avoid using the default configurations
  • Ensure the latest version of the software is installed
  • Take an inventory of all apps and devices that documents where it resides, where it originated, when it moves, and its transmission capabilities

Smart devices connected through the IoT increase access points for cyberattacks, significantly increasing risk and organizations need to be prepared in advance to prevent damage from such threats.  The healthcare industry is one of the most sensitive and frequently targeted sectors as well as one of the most costly in which to address a breach. Therefore, it is prudent for organizations to include IoT devices in a thorough cybersecurity risk assessment and ensure that they take all the necessary precautions to minimize vulnerabilities from implementing these IoT devices.

Technical Dr. Inc.'s insight:
Contact Details :

inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com

more...
No comment yet.
Scoop.it!

Every internet-connected device is a potential privacy risk

Every internet-connected device is a potential privacy risk | IT Support and Hardware for Clinics | Scoop.it

Samsung has caused controversy with the revelation its voice-recognition system enables internet TVs to collect sounds and send them to a third party, including any sensitive information you might happen to talk about in front of the box.

While this warning is alarming for the privacy-conscious, it's a microcosm of a much larger threat that many in the consumer security business have been warning against  and which you can expect to hear more often.

Devices that require personal input and the collection of personal data to function — be it via voice, camera, location or otherwise — have been a part of our lives for years, and are only increasing.

Here is a list of some of the household and personal items snooping on you:

Smartphones

A small box that can collect location data, detect motion, store audio and video plus keeps track of your online activities, your phone provides a way for most of your apps and services to "listen in" on you in one way or another, not to mention a microphone which researchers have manipulated to spy .


You can easily control when a Samsung Smart will and will not collect voice data, the company says.

Apple's Siri, for example, functions almost identically to Samsung's voice recognition.

These services rely on a dedicated voice-recognition service somewhere in the cloud to take your complex requests and queries, translate them into understandable text, and send them back to your phone or TV.

While they may not be actively listening 24 hours a day, at the very least they are monitoring the microphone's feed in expectation of a command.

Video game consoles

Microsoft's Xbox One and its attached Kinect sensor works the same way, but adds video to the mix as well. Kinect keeps track of the people in a room so it can detect who's present and load their preferences accordingly, or zoom and pan the camera to make sure everybody is in frame during a Skype call.

Microsoft faced backlash in 2013 for its zealous attitude toward collecting data from Kinect (which eventually forced it to dial back its plans) and, coincidentally in the same year, LG landed in some strife for a voice-activated TV that was found to send voice recordings online.


The Smarter Wi-Fi Coffee Machine. It knows when you wake up or when you're likely to get home so it can greet you with sweet caffeine. Photo: Smarter

Coffee machines and airconditioners

A device that "listens" before using the internet to provide us with a service is not a new idea. The trigger for controversy, it seems, is the revelation that a device could do that without us explicitly telling it to. Yet this is the cornerstone of many devices and services we use every day (including web browsers, social media, smart public transport cards, Google Now etc) and will continue to be so as we move towards the all-connected "internet of things". 

A connected coffee-maker, for example, collates data about when you're home so it knows when to make coffee. Ditto for connected airconditioners. Both devices are soon to be (or already are) on the market, and necessarily "listen in" on your life and activities, collecting data on you so they can do their job. LG already has an voice-command airconditioner that literally "listens in", cooling the room if you yell out that it's too hot.


Your phone provides data on your movements, purchases, preferences, searches, and communications to countless apps and services. Photo: Reuters

Is this form of data collection really so scary considering the reams of information we already gladly hand over to the companies that provide our email, maps or ride-share services? Are we really concerned about Samsung's microphones in our house and fine with the microphone, GPS and camera we take around in our pocket literally every day?

A common piece of advice when it comes to the internet is "if you don't want the whole world to hear about it, don't say it online". Increasingly, we not only have to apply this test to emails and facebook messages but to the data we allow our appliances and devices to collect as well. If it's connected to the internet, assume this data is being transmitted online.

Some privacy-minded folks advocate active avoidance, keeping the use of these devices to a minimum, disabling settings or placing a piece of sticky tape over your device's data-collecting apparatus.

Others take pride in their old-school Nokia phones, dumb TVs and ability to "stay off the grid".

But most of us give up information about ourselves constantly because it gives us access to incredible conveniences and technology, and we can't have our cake and eat it too.

Yes, companies like Samsung and Apple and Microsoft must be transparent about what they do with our data, and to whom they give it. But if the last year or so of data breaches, wide-scale hacks and government snooping has taught us anything, it's that no data stored or transmitted online is safe from prying eyes.

In the end we have no absolute control over where our data goes.

The best we can do is be informed about what data our devices are collecting, and if you really don't want something transmitted online, take Samsung's advice and don't say it where an internet-connected TV can hear you.



Via Dr. Dea Conrad-Curry, Gust MEES, Oksana Borukh, Paulo Félix
more...