According to a 2017 IBM-sponsored study on cybersecurity, the healthcare industry incurs higher data breach costs than four other industries: financial services, research, media, and the public sector. The same study also reports that the healthcare industry has higher per capita data breach costs than average.
In 2017, the US healthcare industry spent $380 per compromised record, with the four-year average totaling $369 per record. Meanwhile, the average per capita costs across a range of industries was $141 per compromised record.
These statistics are alerting health care providers to the challenges inherent in emerging healthcare technologies. In this article, we discuss three important technologies, the cybersecurity risks involved in their deployment, and the breaches that affect patient critical care.
Drones (UAVs)
Modern UAVs (unmanned aerial vehicles) are revolutionizing the delivery of healthcare to millions. In collaboration with the Rwandan government in 2016, Zipline (a California-based drone company) transported blood to 21 transfusion centers in western Rwanda. The drone deliveries will continue to benefit about 7 million people in the impoverished region.
In 2017, the same start-up collaborated with ASD Healthcare, Ellumen, and Bloodworks Northwest to deliver medicine and blood to remote communities in Nevada, Maryland, Washington, and a few Native American reservations.
Meanwhile, new drone inventions continue to enter the market, the most exciting being the telemedical drones developed via the Telemedical Drone Project. These drones facilitate remote physician-guided surgery through the use of Google Glass.
While drone technology is saving lives, C-suite healthcare executives are increasingly concerned about its cybersecurity risks. For example, drones with cameras may violate central tenets of HIPAA. Additionally, commercial drones contain two vulnerable attack vectors: a misconfigured FTP server and an open access point.
This means that hackers can easily sabotage the drone’s WiFi connection to overwrite its filesystem. This gives them complete control of the drone. In turn, the possibility of terrorists weaponizing hijacked drones to perpetrate biological warfare on millions of innocent people is an extremely frightening scenario.
Augmented Reality (AR)
AR is a close cousin of VR (virtual reality), but it’s AR that’s currently taking the healthcare industry by storm. While VR replaces the real world with an immersive digital world, AR superimposes data onto our experiences in real-time. Think Minority Report’s gesture-based user interfaces or Ironman’s helmet with a retractable visor displaying holographic data to Tony Stark.
Top AR products in healthcare include Medsights Tech, AccuVein, and Augmedix. Augmedix uses Google Glass to generate medical notes in real-time during doctor visits, while AccuVein displays the veins of patients to nurses, facilitating accurate, first-time blood drawings and intravenous injections. Meanwhile, Medsights Tech provides real-time, reconstructed X-ray views of tumors to physicians.
As revolutionary as these products are, the inherent cybersecurity risks are significant. For example, surgeons place great faith in the authenticity of the Google Glass data before their eyes, but AR isn’t infallible. Potentially bad data can endanger the lives of patients.
Additionally, sophisticated malware can expose patients to physical or psychological attacks. It can also promote the theft of medical data to facilitate malicious impersonation, and even allow hackers to blackmail patients.
Smart Medical Devices
The global smart medical device market is slated to exceed USD 20 billion by 2025, so it’s certainly a pivotal emerging technology. Present-day medical devices are equipped with sensors and microprocessors, facilitating patient self-monitoring. These revolutionary devices comprise everything from implantable defibrillators to cardiac pacemakers.
Yet, the wireless connectivity capabilities that promote remote care also expose the devices to ransomware attacks. The biggest vulnerabilities reside in unencrypted and unauthenticated communications. The recent WannaCry ransomware attack on U.K. and U.S. hospitals raises questions about possible North Korean involvement.
Certainly, the challenges involved in deploying emerging technologies are fueling a boom in healthcare IT hiring. According to the 2017 Global Information Security Workforce Study, 9% of healthcare hiring managers want to increase their cybersecurity workforce by 16-20%. 30% of these managers want an increase of more than 20%.
The most popular positions these managers are hiring for include Operations and Security Management and Incident & Threat Management and Forensics. The healthcare industry’s focus on security addresses increasing threats to its data network.
To receive cutting-edge coverage about emerging healthcare technologies and other critical issues, contact us.