IoT in healthcare
Medical devices are one of the fastest growing sectors with the Internet of Medical Things (IoMT) Market predicted to reach $143 billion by 2026. With the advancement of IoT, healthcare companies and hospitals have the potential to use hundreds of connected devices to save time, money, and lives.
However without appropriate digital and physical security, these edge devices become a vulnerable entry point for hackers to get into the hospital’s network. 82% of healthcare organizations have experienced a cyberattack on their IoT devices, including the first recorded death potentially linked to a cyberattack at Duesseldorf University Hospital. Ensuring security is a critical issue in the development and use of medical IoT devices to protect both the hospital’s digital assets as well as its patients’ sensitive and confidential data.
Medical IoT devices
Smart medical devices provide many advantages in the healthcare industry, including better patient care, hospital workflow, and overhead cost. Inside hospitals, devices such as medical data transferring tools, wireless vital monitors, and insulin pumps are all able to share information with each other and update patient records from nearly anywhere in the building. Outside of the hospital, remote care or at-home patient monitoring provides more accessible healthcare options for patients who are elderly, have chronic conditions or have no local medical care. However, the convenience of remote patient monitoring also presents the challenge of ensuring that personal data collected from patients is kept private and secure.
Security risks & costs
IoT medical devices allow better patient care and operational efficiency, but these connected devices can also be used as gateways for hackers to steal sensitive patient data from the device itself or from the cloud services with which it communicates.
The average cost of resolving a healthcare IoT cyberattack is $346,205
A malicious cyberattack on a healthcare database might expose thousands of private medical records and sensitive personal data, and has the potential to compromise patients’ physical safety if data is modified or deleted in some nefarious manner. According to the Global Connected Industries Cybersecurity Survey, 30% of healthcare providers that experienced an IoT cyberattack said patient safety was actually put at risk as a direct result of the attack.
Whenever an IoMT device communicates with the hospital network or database, the hospital’s system is vulnerable to a cyberattack and the digital assets may be compromised. This is particularly true for at-home telemedicine devices that transmit patient status and vitals data to healthcare providers, because in the home, security practices are generally not well set up, controlled or monitored on an ongoing basis. Developers of IoMT devices must therefore carry the responsibility for ensuring that a patients data is protected – at rest in the device, and in transit with cloud services and adjacent devices – according to HIPAA and similar regulations worldwide.
Zymbit hardware security modules are designed to protect embedded computers and devices from cyber and physical exploits, particularly in unattended applications. Zymbit snap-in security modules are easy to integrate and tough to infiltrate, and are available with different forms and features to suite prototyping and full scale manufacturing.