Healthcare providers are heavily dependent on connected solutions to provide better patient care, decrease crisis response times, and improve efficiency throughout their organizations. Nowadays, almost every hospital and clinic relies on EMR software to house important patient records, connected medical devices to gather that information, and apps to relay that information to patients and create connections. These systems greatly benefit both providers and patients alike, but also create vulnerabilities for malicious parties to explore and exploit. Week 3 of our Cybersecurity Awareness Month series of posts takes a closer look at some of the considerations of connected-device usage and steps needed to encourage safe usage.
While its usage was already trending upwards well before the pandemic began, telehealth has become a vital way to provide care while maintaining safety for all parties involved. Making sure your org has chosen a valid and telehealth platform is key, as is keeping the devices used in providing the service to patients up to date to avoid any possible security concerns while transmitting important protected information. And always be sure to use a secure network when accessing these systems, never a free or unsecured wireless network while traveling.
Wearable technology like smart watches are becoming more prevalent and also more complex. While they started out capturing simple data like daily steps, many are now are capable of taking accurate heart readings and calling for help in emergencies, leading some insurance providers to offer hefty discounts to customers to obtain the devices. In fact, one major insurance provider even supplied Apple Watches free of charge to almost 50,000 employees to boost participation in company wellness programs. Of course, having a connected device tracking this amount of information all day long can present a security risk, so users should always be sure to keep these devices as up-to-date as possible and protect against unauthorized access by requiring a PIN or other means of locking the device.
Apps are a great way to take an active role in managing your wellness efforts. There are all sorts of options to monitor food intake, manage medications, or track workout routines. But in most cases all of this information is stored somewhere else and you should protect these accounts with strong passwords and multi-factor authentication when possible. Also, make sure you're using trustworthy apps by checking reviews before downloading. You should also confirm all of the possible information the app may be collecting and who it is sharing that information with. If possible, configure any available privacy and security options before beginning to use the app.
Electronic systems have increased the ease of accessing and sharing patients records. In order to protect these records, healthcare providers should encourage employees to take great care in creating appropriate passwords for system access. Longer passwords are better than using a mishmash of special characters or numbers instead of letters. Something like P@5$w0rD is still incredibly weak against brute force attacks, especially compared to a password that is at least 12 characters long. If you can, create a passphrase instead of a password. The same goes for patients accessing these systems, as we recommended above make sure you're accessing any client portals from a secured device on a secure network to help protect all the important information being stored within.
Only one more week to go! Keep up the good work improving your security practices at work and at home, and keep sharing helpful content like this quick video from the National Cybersecurity Alliance with colleagues, friends, and family. And as always, visit staysafeonline.org for more helpful info.