By Devin Partida, Editor-in-Chief, ReHack.com
Twitter:Â @rehackmagazine
Data security is one of the most pressing challenges facing the health care industry today. Medical organizations’ vast amounts of sensitive patient data make them prime targets, and many lack the expertise and tools necessary to protect themselves.
Cybercrime’s recent surge has led many health care organizations to realize that they need better security. The industry now understands the need for data security, but many obstacles remain. Here are five of the most substantial of these challenges for the coming year.
1. Ransomware
Ransomware plagued hospitals in 2020 and 2021, and 2022 will likely be no different. As many as 34% of health care organizations experienced a ransomware attack in 2020, and 65% of those attacks were successful. Of those victims, more than a third paid the ransom, a trend that will encourage future attacks.
Health care data is valuable, so much so that these organizations can’t operate without it. As a result, cybercriminals are more likely to receive a substantial payout from a successful ransomware attack. Ransomware is a reality that medical organizations must plan for, likely for as long as they use digital data.
2. Mobile Applications
Another threat to health care data security in 2022 is mobile medical apps. Telehealth adoption has skyrocketed, rising 50% in the first quarter of 2020 alone, and while this makes medical care more accessible, it also introduces risks. Sensitive medical data is now accessible through mobile devices that often lack extensive security.
Many of these risks exist on the patient’s side. Users who don’t understand the importance of security steps like multi-factor authentication and avoiding public Wi-Fi may make their own medical data vulnerable. App developers and organizations that use them must anticipate this behavior and secure these apps.
3. Lack of Interoperability
As hospitals integrate more digital services, they may encounter an interoperability problem. Many electronic health record (EHR) systems have proprietary design features that hinder their communication with other systems. This lack of interoperability could cause delays or errors that expose sensitive data.
This could also increase IT sprawl as hospitals implement disparate systems for various services. Since these systems aren’t compatible, organizations may host the same data across various applications in a disjointed, complex network. This sprawl will make it harder to understand a network’s vulnerabilities, placing this data at risk.
4. IoT Vulnerabilities
Another positive technology trend with troubling security implications is health care’s rising internet of things (IoT) adoption. Many medical organizations have embraced the IoT to streamline operations and improve data reporting, but these devices are often vulnerable.
According to one study, 63% of health care organizations have experienced a security incident stemming from unmanaged IoT devices. These devices contribute to IT sprawl, often lack sufficient built-in security measures, and expand hospitals’ attack surfaces. If IoT security standards don’t improve, increasing connectivity could jeopardize medical data security in 2022.
5. Limited Resources
Not all trends affecting health care data security stem from technical vulnerabilities. Many hospitals lack the staff, funding, or expertise necessary to protect themselves from today’s cyber threats. Running a hospital is a complex, expensive undertaking, making it difficult to implement proper cybersecurity controls.
Broader security education and advancing technology can help resolve some knowledge and budget-related security gaps. However, cybersecurity could remain a challenge, especially amid increasingly complex cyberattacks. It may take a nationwide effort to address these obstacles.
Medical Data Security Must Improve
Data security is crucial in any business, but medical organizations face more pressure than most to improve security. These businesses are a favorite target of cybercriminals, and as long as they handle valuable data, they will continue to be.
These five obstacles are some of the biggest challenges to health care data security in 2022. When organizations in the industry understand these, they can take more informed steps to improve their cybersecurity.