Does Tech Put You at Risk?
Technology offers many benefits in a healthcare environment. Yet, it can also create health information security risks for patients and providers. Though many individuals and businesses are familiar with the risks of HIPAA violations or the possibility personal data will be compromised, there may be a bigger danger for some medical facilities.
Hacking Medical Equipment
According to a team that investigated healthcare equipment over the course of two years, many pieces of medical equipment can be hacked. Innovations, such as Bluetooth capability on machines, opens equipment to hacks, and tech mischief. Unknowingly, it could cause hazardous situations for patients or staff. The team said that defibrillators with bluetooth technology could be programmed to deliver random or dangerous shocks; drug infusion pumps could be hacked to alter dosages. Investigation also showed that x-rays could be viewed by peeping hackers. Essential supplies could be ruined if hackers reset refrigerator temperatures. Though some hospitals are working to close security gaps, not all facilities recognize the dangers, says the Essentia Health, head of information security, who performed the tests.
OpenSSL Health Information Security Risks
Many readers have likely heard of the Heartbleed risk to SSL networks. According to reports, a new OpenSSL issue weakens network handshakes between computers. Network handshakes occur when data or processes are communicated across networks, which happens often in healthcare environments. Billing claims, sending referral data, or sharing information with multiple providers likely involve handshakes; in modern hospitals, almost all equipment is hooked up to the network, increasing vulnerability. Luckily, OpenSSL fixes for the issue have been released.
Technology offers a number of great benefits when it comes to medical care. Patients and providers should also be aware of heath information security risks and work together to keep those risks to minimum levels.
Are you surprised at the different kinds of health information security risks?