ips.insight.com/healthcare Identifying mobile security challenges in healthcare
Mobile device adoption is soaring in healthcare environments. Healthcare is one of the fastest-growing industries in the world and one of the biggest targets for cybercriminals. Research notes that four in five clinicians are using smartphones daily, while nearly half are using tablets daily. Because mobility in healthcare spans a broad array of devices and applications from notebooks and tablets to Radio-Frequency Identification (RFID)-based medical instruments organizations must take a comprehensive view of mobile security. Experts believe an enterprise approach, both in healthcare facilities and in outpatient interactions, is an essential element in solving problems before they become intractable.
The cost of healthcare data breaches $3.5 $359 PLUS million per incident in 2015 up 15% from just two years earlier 1 average per-record cost to healthcare organizations nearly 150% greater than the cost for all industries 1 the potential for multimillion-dollar fines for compliance violations under the Health Insurance Portability and Accountability Act (HIPAA) and the Affordable Care Act 1
No. 1 source of medical records breach = loss or theft of mobile devices Forrester Research indicates that 78% of record breaches in healthcare are attributable to lost or stolen devices, compared to just 15% across all industries. 2
Device vulnerability As practitioners, medical staff and administrators increasingly adopt mobile devices, they often encounter new varieties of phishing, malware and social engineering. Mobile medical devices are an increasingly significant security problem. The U.S. Food and Drug Administration has issued a safety communication to address cybersecurity threats posed by medical devices and hospital networks, noting that a wide array of threats open up the devices as intrusion methods to infiltrate and steal Protected Health Information (PHI). 3
Cloud challenges Rising adoption of cloud computing in healthcare is closely linked to widespread mobility usage. As healthcare Forrester mobility Research grows, the indicates increasing that 78% number of record of access breaches points in healthcare makes healthcare are attributable providers to lost a more or stolen devices, compared to just 15% attractive target for hackers. across all industries. Cloud-based solutions are particularly useful for a mobile workforce that needs to access easy-touse applications and real-time information from anywhere, at any time, says Jeffrey Kaplan, founder and managing partner at THINKstrategies.
Wearable devices According to analyst firm Mordor Intelligence, worldwide revenues of wearable medical devices are expected to increase from $2.8 billion in 2014 to $8.3 billion in 2019. 4 These devices introduce new access points for hackers to capture protected health information. While data points about glucose levels or blood pressure do not pose a significant security risk, the complete medical history of an individual that can be uploaded to wearables over time is more valuable.
Reducing your risk While these and other steps are logical starting points for reducing mobile security risks, Mobile Device Management (MDM) is a must-have for health IT organizations. For many healthcare organizations, that capability now is being expanded into a comprehensive, enterprisewide solution referred to as enterprise mobility management.
Insight knows healthcare security. As the use of mobile devices, instruments and applications continues to surge in healthcare, data breaches and other security challenges are likely to pop up with more frequency. This creates potential for significant economic and operational impact. Healthcare security must balance vigilance and HIPAA compliance with the need to support devices in our mobile world. Insight understands the challenging dynamics healthcare providers face every day. With more than 5,000 top technology partners, and an experienced healthcare team, we can help you design and deploy a network that protects your data without sacrificing agility or speed. ips.insight.com/healthcare Learn how Insight can help you build flexible, secure healthcare solutions by visiting us at www.ips.insight.com/healthcare.
Resources 1 2 Ponemon Institute, Quantifying the cost of a data breach, May 2014. http://www-935.ibm.com/services/us/en/it-services/securityservices/cost-of-data-breach/ Forrester Research, What You Should Do Today to Protect Endpoint Devices in Healthcare, Chris Sherman, February 3, 2015:. http://www. healthdatamanagement.com/web_seminars/what-you-should-do-todayto-protect-endpoint-devices-in-healthcare-49472-1.html. 3 U.S. Food and Drug Administration, Cybersecurity for Medical Devices and Hospital Networks: FDA Safety Communication, June 13, 2013. http://www. fda.gov/medicaldevices/safety/alertsandnotices/ucm356423.htm 4 EMDT, Security Concerns Mount as Wearables Enter Healthcare, Thomas Klein, January 21, 2015.