Cybersecurity must be strengthened among hospitals and health systems now more than ever as health services increasingly move to remote and online formats, according to Josephine Wolff, PhD.
In an Oct. 17 op-ed for The New York Times, Dr. Wolff, an assistant cybersecurity policy professor at Medford, Mass.-based Tufts University, highlighted issues with hospital cybersecurity: "Hospital networks are notoriously insecure due to a combination of inadequate resources, a lack of clear and effective cybersecurity guidelines and the large number of people and systems involved in operating a hospital, all of whom need some degree of access to its network," she wrote.
In addition to network inadequacies, Dr. Wolff also wrote that because hospitals rely on specialized equipment, such as ventilators and MRI machines, they must ensure that the specialized equipment is compatible with more secure software. However the update process can often be slow and expensive, which is why some continue using old software that is more vulnerable to attacks.
Hospitals and clinics are now dealing with remote care and intensive care unit capacities at high levels due to the COVID-19 pandemic, so they must re-evaluate their computer networks and increase protections to prevent their services from being interrupted by malware or their patient data being stolen, according to Dr. Wolff.
"Lawmakers, too, should be thinking about how to support the healthcare sector in these endeavors by providing funds to public hospitals for this purpose and developing clear security standards and requirements, so that hospitals have strong incentives to make much-needed improvements and are able to do so," she wrote.