Medical imaging has been used by doctors since the late 1890’s, when x-rays were discovered and soon put into practice. Since then, medical imaging technology has rapidly advanced to include ultrasounds, fiber-optics, magnetic resonance imaging (MRI), CT and PET scanning, cardiology videos and more. More recent advances have allowed for data and imaging results to be shared among different healthcare providers and vendors and have made using medical equipment as easy as tapping the screen on a smartphone. Unfortunately, these improvements don’t come without their own setbacks.
Storing Digital Healthcare Records and Images
The digitization of healthcare records and tools like vendor neutral archives (VNAs) and picture archiving and communication systems (PACS) have helped to make medical imaging and diagnosing more efficient than ever. Not surprisingly, security vulnerabilities can arise when healthcare images can be shared among a variety of practicians and vendors. Many medical imaging systems are storing not only images, but also sensitive protected health information (PHI) and other identifying data. While VNAs and PACS are generally secure, healthcare organizations themselves are often notoriously behind on their cybersecurity because they tend to prioritize updates to their medical technology instead. As practitioners access, update and modify the records, that access point becomes a cyber risk.
Vulnerabilities in Medical Devices
Last year, a number of major data breach attacks in the healthcare industry brought worldwide attention to what has become a major concern in healthcare cybersecurity. One particular attack, using a ransomware known as WannaCry, targeted a number of industries around the world, including healthcare. Many health systems in U.S. suddenly found that their data was being held hostage by the ransomware creators in exchange for bitcoin currency, but some healthcare providers were shocked to find that it wasn’t just their data that could be held hostage. One of the most troubling cases was that of the National Health Service hospitals in England and Scotland. Approximately 70,000 of their devices – including computers, imaging equipment, storage refrigerators and theatre equipment – were affected by the attack. Medical devices themselves typically have poor security controls – if any – and rely on the security of the network they are connected to.
As Internet of Things (IoT) and mobile devices become more commonly used among medical professionals, more areas of vulnerability are discovered. Radiology technicians are increasingly using smartphone apps for sharing, reviewing and consulting. Something as simple as misplacing that smartphone can put patient data at risk.
It’s increasingly important for healthcare organizations to prioritize cybersecurity. Investing in cyber risk services through a reputable cyber insurance provider can help protect cyber medical imaging data and reduce the damage that occurs when a healthcare data breach occurs.
About Connected Risk Solutions
At Connected Risk Solutions, we use our expertise and experience to provide insurance information and programs to those who serve long-term care and senior living facilities. Since 2007, we’ve been offering insurance and risk management plans designed to help our agents give their clients the ability to achieve continued growth while simultaneously protecting against loss, containing costs and increasing profitability. To learn more, contact us at (877) 890-9301.