Do visitors to your medical office use smartphones? Even though youve posted Please turn off your phone signs nearly everywhere? Youre not alone. Most health care organizations find themselves competing with technology for peoples attention.
Of course, patients arent the only ones clicking, searching, scanning and snapping in medical settings. Nurses, doctors, assistants, vendors nearly every human in the joint has a device. As a result, more connected devices are in use within health care provider settings, wirelessly sending and receiving data day and night.
Whats more, medical devices used to diagnose and treat patients are often doing the same sending and receiving data through what can be incredibly vulnerable networks and systems.
While visiting my own doctor recently, I decided to search for such devices using a free Wi-Fi access finder app I have downloaded on my smartphone. I was not surprised to find more than a dozen wireless medical devices and associated controlling systems in my immediate area. I was troubled, however, to find not one was using encryption, nor did any of them require the use of passwords. I could also see network names and data being sent within the facilitys wireless network all through these dozen or so devices and systems.
When my doctors came into the room, I asked if the facility had good security on its devices and networks. Here again, the answer did not surprise me:
We have a great information security department, so Im sure we do.
I showed them what Id found and explained that if I had been a hacker, I could have accessed all the data on those devices and sent it to some unknown and far-away cloud server. They were scared to learn anyone within range could, at that very moment, be getting away with that very malicious act completely undetected.
Well discuss this with our data security officer.
And thats a great first step. But, as we all know, staying on top of the risks, threats, patches, upgrades, and innovations that keep an organization cyber safe is a daunting task. Quite frankly, its too much for a single data security officer. That is why we developed SIMBUS360.com to simplify risk management and compliance, ultimately making cybersecurity risks and related threats much easier to mitigate.