A recent survey by Skycure, focused on Medicare, highlighted the increasing risk of attack to mobile devices used by doctors. Although the report is mainly US based the same problems will no doubt exist worldwide and lessons can be learned for all healthcare organizations, irrespective of location.
The report found that nearly 4% of Android devices were infected with malware – this equates to more than 27 million devices. As even more doctors are using their mobile devices to manage patient data (70% in 2015) this has worrying implications for patient confidentiality.
Lack of even basic passcode protection
The US Department of Health and Human Services said that there were more than 260 major healthcare breaches in 2015, of which 9% involved a mobile device other than a laptop. The Skycure report found that 11% of mobile devices were running an outdated OS with high-severity vulnerabilities and that 14% of the mobile devices containing patient data did not have even a passcode implemented to protect them.
This is a worrying statistic as cybercriminals are after sensitive personal data and realizing they have a greater chance of obtaining this in this sector are starting to target doctor’s mobile devices. So, as a basic level of security (one with no cost!) all doctors should be made to protect their mobile devices with passwords.
New biometric technologies
The good news is that generally the percentage of mobile devices protected by passcodes has gone up from 48% to 52% and the fact that a lot of new devices now come with biometric protection like fingerprint scanners as standard will also help to increase security. I’ll be honest, I never bothered with passcodes on my phone in the past, but my latest one has a fingerprint scanner which I activated immediately. So, hopefully this new easier-to-use technology will help to improve security levels everywhere.
To compliment this, a good mobile device management (MDM) solution, like AssetStudio Vitado will also help you to enforce strong password policies as well as enabling you to remotely wipe and/or disable lost or stolen devices – introducing another layer of protection.
To find out more about the security features of AssetStudio Vitado please take look at our videos.