• Revenue Cycle Management
  • COVID-19
  • Reimbursement
  • Diabetes Awareness Month
  • Risk Management
  • Patient Retention
  • Staffing
  • Medical Economics® 100th Anniversary
  • Coding and documentation
  • Business of Endocrinology
  • Telehealth
  • Physicians Financial News
  • Cybersecurity
  • Cardiovascular Clinical Consult
  • Locum Tenens, brought to you by LocumLife®
  • Weight Management
  • Business of Women's Health
  • Practice Efficiency
  • Finance and Wealth
  • EHRs
  • Remote Patient Monitoring
  • Sponsored Webinars
  • Medical Technology
  • Billing and collections
  • Acute Pain Management
  • Exclusive Content
  • Value-based Care
  • Business of Pediatrics
  • Concierge Medicine 2.0 by Castle Connolly Private Health Partners
  • Practice Growth
  • Concierge Medicine
  • Business of Cardiology
  • Implementing the Topcon Ocular Telehealth Platform
  • Malpractice
  • Influenza
  • Sexual Health
  • Chronic Conditions
  • Technology
  • Legal and Policy
  • Money
  • Opinion
  • Vaccines
  • Practice Management
  • Patient Relations
  • Careers

Cybercriminals using medical devices to hack hospitals


Security experts have been warning health care companies for years that all the connected medical devices are potential vulnerabilities

Cybercriminals are taking advantage of all the connected medical devices within hospitals, and security for them is lacking, according to a report from Cynerio and the Ponemon Institute.

Security experts have been warning health care companies for years that these devices are vulnerable to hacking because their security features are often outdated or inadequate, if they have security at all.

More than half of the respondents said senior management did not require assurances that medical or internet-connected device risks were properly monitored or managed.

In the report, 56% of respondents said internet-enabled device attacks resulted in longer patient length-of-stays, while 48% of respondents said they resulted in theft of patient data. In contrast, only 3.4% of hospital IT budgets are spent on device security.

Part of the problem is with the explosion in the number of these devices, they are often overlooked. The report found that 67% of organizations don’t even keep an inventory of them, and there is no clear ownership in many organizations about who is responsible for protecting them.

The report showed that 49% don’t measure the effectiveness of device security procedures, compared to 46% who take proper security steps. Of those organizations who reported a breach in the past two years, 88% said at least one connected device was a contributing factor to the breach.

Unfortunately, the only thing that may change these lackadaisical approaches for some hospitals is for a serious event to occur where hackers breach the hospital through a device that results in a loss of revenue or damage to relationships with clinicians or business partners, according to the report.

Related Videos
Kyle Zebley headshot
Kyle Zebley headshot
Kyle Zebley headshot
Michael J. Barry, MD
Hadi Chaudhry, President and CEO, CareCloud
Claire Ernst, JD, gives expert advice
Arien Malec