Even as American hospitals struggle to respond to a rash of ransomware attacks and other security issues, news is emerging that doctors themselves may be among the prime weak spots in healthcare’s cybersecurity safety net. For those seeking to incorporate mobility into healthcare, the latest finding is a reminder of the need for thoughtful security measures, especially around patient information.
Mobile Use Is Prevalent Among Doctors
A report published by Skycure shows strong adoption of mobility among medical practitioners, with 80 percent of doctors now using mobile devices to assist in their daily work. However, the study found that doctors aren’t always security-savvy when using these devices.
Fourteen percent of mobile devices that contain patient information aren’t protected by a password, even though doctors access this sensitive data on a daily basis. Physicians also are surprisingly nonchalant in how they share their data: 65 percent of doctors use SMS to send patient information, 46 percent use photo messaging, and 33 percent use the messenger service WhatsApp.
Skycure’s research suggests that while doctors have been proactive in their embrace of mobility, their devices may be significantly prone to attack, thus requiring a greater commitment to new security solutions. The report found that almost 28 million devices with medical apps installed might also be infected with high-risk malware. The devices themselves may be inherently at risk, especially when their security safeguards aren’t kept current. The report also found that a high rate of patient data may be stored on devices that are running outdated operating systems with severe severity vulnerabilities.
Healthcare Solutions Must Adapt to Growing Security Concerns
Healthcare has good reason to seek out mobile solutions. The around-the-clock nature of medicine, the need to collaborate among physicians, and the likelihood of doctors moving around between offices and hospitals all make a strong case for mobile devices.
At the same time, mobile devices in the medical arena may present a special risk, Skycure CEO Adi Sharabani said when announcing the report’s findings. “Mobile is a huge attack target for cyber criminals who are after sensitive personal data like patient records,” he said. “Healthcare is one place where it is clear that one compromised device puts more than just the device owner’s data and identity at risk.”
Recent government statistics bear out this assessment. The U.S. Department of Health and Human Services reports that more than 260 major healthcare breaches occurred in 2015, a clear indication of the need for healthcare mobility to stay on top of evolving security solutions.
For more information on mobility and security in healthcare, subscribe in the box to the right.