About Thawte

News

Study finds alarming security weaknesses in healthcare technology

Recently, Scott Erven and his team completed a 2-year study examining the security of technology being leveraged in the healthcare sector. In today's hospitals, doctors, nurses and practitioners are increasingly relying on automated systems to provide accurate treatment and ensure patients are cared for.

However, Wired contributor Kim Zetter reported that Erven's study findings illuminated some frightening vulnerabilities within the security of these advanced technologies. Erven uncovered drug pumps that could be remotely adjusted to change dosage settings as well as defibrillators equipped with Bluetooth capabilities that could be hacked. Furthermore, the study also discovered holes in hospital networks that would enable cybercriminals to access X-rays and other records. Such an invasion could be disastrous, as not only would attacks have the ability to snoop patients' personal information, but they could also change records to contain the wrong diagnoses, treatment information or other components.

Unaware of the impact
Erven noted that one of the most troubling findings highlighted by the study was that many institutions were simply "unaware of the high risk" connected with their technology.

"Even though research has been done to show the risks, health care organizations haven't taken notice," Erven told Wired. "They aren't doing the testing they need to do and need to focus on assessing their risks."

Another worrisome aspect of the study was the fact that patient records could be, in some cases, access by unauthorized viewers due to weak network security. This is in direct violation with the Health Insurance Portability and Accountability Act, which established certain industry regulations for the protection of digital healthcare records. Institutions must create a secure environment for access and transmission of patients' personal health data and ensure that this content is protected.

Boosting healthcare security
However, hospitals and other healthcare organizations can work to bolster their data security by observing a few best practices. One strategy is to regularly review the information being stored by the group, and clearing any data that is outdated or unnecessary, advised Becker's Hospital CIO contributor Kathleen Roney. This way, the network would present a less attractive target for hackers.

Additionally, if the institution supports a bring-your-own-device or other mobile program, administrators should be sure that each smartphone, tablet or laptop being utilized to access the network is secure. Roney suggested leveraging robust passwords and authentication credentials, monitoring programs and firewalls.

Healthcare groups should also implement encryption as an additional security layer to protect sensitive records and other information.

Protect data in transit with an SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950

We have updated our Privacy Policy which can be found here.

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?