The COVID-19 outbreak has led to a series of rapidly established medical-treatment units the world over, which will be utilizing remote-care devices that lack proper protection. The situation gives hackers more opportunities to perpetrate attacks.
They could also infiltrate these devices to steal a patient’s personal health information, causing complications for both the users of these devices and the healthcare providers themselves.
Temporary medical units carry a unique set of vulnerabilities due to the fact they are remote and sit outside of a defense-in-depth architecture. Because of the very nature of their purpose – to care for patients in a time of crisis – IT security is naturally lower on the priority list.
“They are being set up quite quickly with constrained budgets, and the budget for those is not on IT, it’s on PPE, patient care, getting testing set up, everything a center should be focused on during this crisis,” Tom Burt, corporate vice president of Microsoft Customer Security & Trust, told Healthcare IT News.
He explained that some immediate steps healthcare organizations can take include making sure software is updated and fully patched – what Burt calls the “number one hygiene” measure they can do to make sure they are resilient – as well as enabling two-factor authentication for every account that has access to the pop-up center’s system.
Source: Health IT News