Since the COVID-19 pandemic has forced millions of people to work from home, companies across the world are considering a permanent shift to remote work. Healthcare is just one of the many sectors that have been increasing its offering of remote services. This online version of healthcare is referred to as telehealth and allows physicians to conduct virtual visits and consultations with patients via a computer safe in their own home. Many experts believe the global pandemic has accelerated the mass-adoption of telehealth. Overall, it is predicted that the adoption of telehealth will increase by 64.3% In America, this year.
While telehealth maybe much more convenient than taking the risk and making a visit to the doctor's office, every new device or end point machine creates a new potential entry point for hackers, which is why the increase in telehealth adoption has increased the attack surface of healthcare. This includes both patient computer systems and the new telehealth applications and services quickly deployed by health delivery organizations (HDOs) .
One of the greatest concerns for healthcare is access control, and preventing unauthorized access to confidential non-public information or access to the HDO network, which contains thousands of end point medical and other HIoT devices that cannot be easily secured.
Many healthcare providers have eagerly adopted telehealth to continue patient care through these hard times, but many of the telehealth platforms do not meet HIPAA requirements to protect data. HIPAA requires that providers use encryption and other safeguards when dealing with patient data. Telehealth allows patients to use their computers and mobile devices to access sensitive information, but often times their devices don’t have these safeguards
Transferring data over the internet increases the threat of that information falling in the hands of the wrong people. The healthcare sector is one of the most sought out sectors by cybercriminals. The benefits of telehealth outweigh the risks, but telehealth platforms must incorporate stricter standards and procedures to minimize potential threats. In 2019, breaches cost the healthcare sector over $4 billion.
Healthcare organizations possess tons of sensitive information, therefore providers, platforms, and vendors must also incorporate data security practices to ensure the safekeeping of data. Telehealth increased the number of channels data and medical records can be accessed through, so it is crucial that each individual channel is kept in mind when considering cybersecurity.