Close this search box.

Better awareness hospitals doesn’t yet translate into better security

Awareness concerning cybersecurity risks has yet to translate into sufficient measures preventing cyber attacks from having succes. According to the report Cyber security of networkconnected medical devices in (EMEA) Hospitals 2016’ by Deloitte, hospitals are increasingly aware of the importance of good cybersecurity in their medical devices. But improvements are still needed at an operational level.

The Deloitte survey was conducted among 24 hospitals in nine countries in EMEA. It found that over half the hospitals surveyed used standard passwords (i.e. factory settings) to secure their equipment. Almost half the surveyed hospitals also did not know whether their equipment will comply with forthcoming privacy legislation (for example the EU General Data Protection Regulation, meant to replace current regulations starting 2018). Only a fifth stated that the majority of their devices use secure network connections to ensure data reliability and confidentiality.

Computer viruses and malware can compromise patients’ treatment and privacy. The survey revealed that three of the hospitals interviewed had experienced problems with malware during the previous year. “Trends in the USA involving ransomware and medical devices also show we need to remain continually alert,” says Jeroen Slobbe, Deloitte’s cybersecurity expert.

According to the Institute for Critical Infrastructure Technology IoT applications such as in hospitals are vulnerable to hacking, A possible scenario is the use of ransomware to extort hospitals and other medical institutions, threatening to shut down equipment such as pacemakers and insuline pumps unless a certain amount of money is paid.

No blind panic yet

Slobbe states that there is no reason for blind panic yet. Not using these connected medical devices represents a bigger risk to patient health than using equipment that contains vulnerabilities. But these vulnerabilities can be reduced, and with that the risks for patients.

If medical equipment’s cybersecurity is to improve, Deloitte believes it is important to make a designated individual responsible for the security of ICT and medical technology, based on an explicit policy for protecting these devices. Network segregation, monitoring and physical access controls can also improve equipment security, while privacy and security should be factored in to the design of new healthcare technology innovations from the start.


ICT&health World Conference 2024

Experience the future of healthcare at the ICT&health World Conference from May 14th to 16th, 2024!
Secure your ticket now and immerse yourself in groundbreaking technologies and innovative solutions.
Engage with fellow experts and explore the power of global collaborations.

Share this article!

Read also
How to introduce innovation and AI in healthcare organizations if there is no business model for prevention and quality – Our interview with Professor Ran Balicer, the Chief Innovation Officer at Clalit Health Services and founding Director of Clalit Research Institute.
I see no legitimate rationale for delaying the digital transformation in healthcare
Pioneering Cardiac Arrest Detection for Enhanced Survival.
CardioWatch Revolutionizes Cardiac Arrest Detection
Dr. Oscar Díaz-Cambronero, Head of Perioperative Medicine Department at La Fe Hospital, spearheads innovative telemonitoring initiatives revolutionizing patient care
Smartwatches Saving Lives Inside and Outside the Hospital
EIT 2024
EIT Awards 2024. Two European startups are revolutionizing the treatment of cardiovascular diseases
Bertrand Piccard, Swiss explorer and founder of the Solar Impulse Foundation
EIT Summit 2024. What are the trigger points that drive or inhibit innovation?
MMC pioneers wireless monitoring for premature infants with the innovative Bambi Belt, revolutionizing care with improved comfort and mobility.
Wireless Monitoring of Vital Signs in Premature Infants at Máxima MC
Innovation Adoption: How to Traverse The Valleys of Death
Data protection-critical incidents resulting from human error are often rooted in stress, routine, negative attitudes toward IT, and deficits in employees' identification with the healthcare facility.
How cyberpsychology helps prevent human errors leading to data leaks
What technologies will enter our homes in a few months? ICT&health checked it out at the CES 2024.
CES 2024: Meet the exciting innovations for health and well-being
An article on a new study on e-health assessment tools
eHealth success lies at the intersection of technology, people, and organization
Follow us