When the COVID-19 pandemic struck, the healthcare sector was certainly one that saw the maximum impact. The need for technology adoption in healthcare suddenly emerged front and centre, especially in the wake of lockdowns, movement restrictions, and social distancing guidelines issued globally in the midst of alarming growth in the number of cases.
In the US, the demand for telehealth claim lines grew a whopping 5680% in May 2020, as compared to May 2019. Anecdotal evidence also suggests an exponential increase in demand for smart technologies in healthcare. For instance, Cloud Physician, a smart ICU solution provider, found a tremendous acceleration in demand during the pandemic. We worked with the organization to audit its security infrastructure to detect vulnerabilities and act on the threat to patient health.
This momentum is only set to continue. A Frost and Sullivan report titled The Reshaping of Industries Caused by COVID-19 says that telemedicine and robotic care are here to stay as part of the new normal. The global smart healthcare products market is expected to register a CAGR of about 12.5% during 2018-2023, as per Marketwatch. Gartner expects that end-user spending on wearable devices will total $81.5 billion worldwide in 2021, the growth was driven in large part by increased interest in health monitoring.
Unfortunately, this rush to adopt healthcare technologies, if done without due consideration for security, also exposes the entire healthcare ecosystem, making these organizations more vulnerable. The US Department of Health and Human Services reported a 50% jump in reported breaches in hospitals and healthcare providers’ networks between February and May 2020. For example, Magellan Health was subjected to a sophisticated ransomware attack on its servers in April 2020, exposing sensitive data such as passwords, W-2 forms, health insurance account information of 365,000 patients and employees. Health Share of Oregon too had to notify 654,000 patients after a laptop with sensitive data was stolen from its transportation vendor.
All of this points to an urgent need for the healthcare industry to set clear processes and policies to ensure security across the cloud, web and mobile applications, endpoint devices, the entire network, as well as the extended ecosystem. Vulnerability assessment and management, bug fixing, effective access management, encryption, and ensuring compliance have become critical.
With greater integration of the healthcare ecosystem, APIs have emerged as an important path for services to engage coherently with each other, share data and functionalities. However, APIs also expose systems to malicious attacks by hackers since they are able to exploit self-documented paths designed for developers. API Critique, Entersoft’s scanning and API Penetration Testing tool addresses this issue since it enables penetration testing and eliminates vulnerabilities with minimal manual effort.
Traditionally, healthcare has lagged behind other industries when it comes to securing sensitive data. As the digitization of the healthcare industry continues at a fast pace, there needs to be a due emphasis on security and compliance to avoid catastrophical damages.