Hospitals and device manufacturers in the US are unprepared for the glut of security and privacy challenges that come as they look to extend their data sharing capability, says Threatpost.
The reports come as healthcare providers adopting the internet of things (IoT) devices such as smart insulin pens, Apple Watch apps and connected inhalers proliferate the market. The technology helps doctors collect data on patients in vulnerable or difficult situations. Examples include those in rural areas or the elderly who struggle to visit their doctor.
However, as more medical devices become connected, the number of security and privacy issues cropping up is on the rise. Data flaws in defibrillator products, the high-profile KRACK key-reinstallation attack and WannaCry ransomware virus are prominent examples of extreme vulnerabilities that could lead to dire consequences.
The flaws are a result of a lack of enforcing basic security principles like unique passwords, insufficient base hardware with low-level quality and storage. Additional vulnerabilities are due to legacy software systems like Windows XP which are still widely used in the healthcare industry.
The future for IoT in healthcare may look bright, but hospitals and healthcare centers must work together to create a secure connected environment that can embrace innovation. The approach should think about the users and the devices while including stakeholders from IT, security and development areas to provide the requisite expertise for trusted services.
The IoT market for medical devices is expected to reach $266.8 billion by 2026 from $49.8 billion in 2018.