Michael Barbella, Managing Editor09.15.22
Digital health has certainly revolutionized healthcare, but it also has made the industry more vulnerable to cyberattacks.
Consequently, cybersecurity spending in the medtech sector is expected to surge data breaches become more commonplace. Globaldata predicts the medical device sector will increase cybersecurity expenditures 7.3% annually through 2025 to reach $1.2 billion.
“The healthcare, pharma, and medical device sectors are particularly susceptible to cyberattacks," said Ashley Clarke, a medical analyst at GlobalData. "Medical history cannot be changed, unlike identification and credit card information, making it invaluable to hackers and resulting in high costs for healthcare data breaches.”
Medical devices have become increasingly connected as remote medicine soared during the COVID-19 pandemic. Many companies now struggle to accommodate provider, patient, and third-party access to sensitive patient information while ensuring security.
“Hackers can use healthcare information to create fake insurance claims, buy and sell medical equipment, or acquire illegal prescription medications. They can also target victims with fraudulent schemes related to their medical history, which are more believable than financial or legal scams due to the intimate nature of health information,” Clarke noted.
More than 41 million individuals in the United States were affected by healthcare data breaches in 2021, according to reports of breaches affecting 500 people or more by the U.S. Department of Health and Human Services (HHS) Office of Civil Rights. Cases affecting more than 22.5 million individuals in the United States are currently under investigation this year, which is a 4.6% increase compared to the same time last year.
“Devices like insulin pumps, heart pacemakers, inhalers, and wearables track patient data in real-time and even transmit to the user’s phone, making the data immediately accessible to both the patient and their doctor. However, this increased data access has made the medical device sector more vulnerable," Clarke said. "This change in technology means that medical device companies and their business associates are now responsible for increasingly large amounts of sensitive electronic patient data and have been prey to significant data breaches in recent years.”
Without securing all components of the cybersecurity value chain, medical device companies will remain a primary target for hackers.
“It’s crucial for companies to invest in a variety of technologies such as chip-based security, network security, and cloud security, at every stage of the product development to ensure patient information is safeguarded. Older legacy devices may be unable to receive security patches, but new devices should have a security update plan in place for their entire device lifecycle,” Clarke concluded.
Consequently, cybersecurity spending in the medtech sector is expected to surge data breaches become more commonplace. Globaldata predicts the medical device sector will increase cybersecurity expenditures 7.3% annually through 2025 to reach $1.2 billion.
“The healthcare, pharma, and medical device sectors are particularly susceptible to cyberattacks," said Ashley Clarke, a medical analyst at GlobalData. "Medical history cannot be changed, unlike identification and credit card information, making it invaluable to hackers and resulting in high costs for healthcare data breaches.”
Medical devices have become increasingly connected as remote medicine soared during the COVID-19 pandemic. Many companies now struggle to accommodate provider, patient, and third-party access to sensitive patient information while ensuring security.
“Hackers can use healthcare information to create fake insurance claims, buy and sell medical equipment, or acquire illegal prescription medications. They can also target victims with fraudulent schemes related to their medical history, which are more believable than financial or legal scams due to the intimate nature of health information,” Clarke noted.
More than 41 million individuals in the United States were affected by healthcare data breaches in 2021, according to reports of breaches affecting 500 people or more by the U.S. Department of Health and Human Services (HHS) Office of Civil Rights. Cases affecting more than 22.5 million individuals in the United States are currently under investigation this year, which is a 4.6% increase compared to the same time last year.
“Devices like insulin pumps, heart pacemakers, inhalers, and wearables track patient data in real-time and even transmit to the user’s phone, making the data immediately accessible to both the patient and their doctor. However, this increased data access has made the medical device sector more vulnerable," Clarke said. "This change in technology means that medical device companies and their business associates are now responsible for increasingly large amounts of sensitive electronic patient data and have been prey to significant data breaches in recent years.”
Without securing all components of the cybersecurity value chain, medical device companies will remain a primary target for hackers.
“It’s crucial for companies to invest in a variety of technologies such as chip-based security, network security, and cloud security, at every stage of the product development to ensure patient information is safeguarded. Older legacy devices may be unable to receive security patches, but new devices should have a security update plan in place for their entire device lifecycle,” Clarke concluded.