What are the risks to mobile devices used by doctors?
A recent survey by Skycure, focused on Medicare, highlighted the increasing risk of attack to mobile devices used by doctors. Although the report is mainly US based the same problems will no doubt exist worldwide and lessons can be learned for all healthcare organizations, irrespective of location.
The report found that nearly 4% of Android devices were infected with malware – this equates to more than 27 million devices. As even more doctors are using their mobile devices to manage patient data (70% in 2015) this has worrying implications for patient confidentiality.
Lack of even Basic Passcode Protection on Mobile Devices
The US Department of Health and Human Services said that there were more than 260 major healthcare breaches in 2015, of which 9% involved a mobile device other than a laptop. The Skycure report found that 11% of mobile devices were running an outdated OS with high-severity vulnerabilities and that 14% of the mobile devices containing patient data did not have even a passcode implemented to protect them.
This is a worrying statistic as cybercriminals are after sensitive personal data and realizing they have a greater chance of obtaining this in this sector are starting to target doctor’s mobile devices. So, as a basic level of security (one with no cost!) all doctors should be made to protect their mobile devices with passwords.
New Biometric Technologies
The good news is that generally the percentage of mobile devices protected by passcodes has gone up from 48% to 52% and the fact that a lot of new devices now come with biometric protection, like fingerprint scanners, as standard will also help to increase security. I’ll be honest, I never bothered with passcodes on my phone in the past, but my latest one has a fingerprint scanner which I activated immediately. So, hopefully this new easier-to-use technology will help to improve security levels everywhere.
Mobile Device Management
To complement the additional security installed as standard, a good mobile device management (MDM) solution, like Certero for Mobile, will also help you to enforce strong password policies, as well as enabling you to remotely wipe and/or disable lost or stolen devices – introducing another layer of protection.