“The expanded use of wireless technology on the enterprise network of medical facilities and the wireless utilization of MDs opens up both new opportunities and new vulnerabilities to patients and medical facilities”, explained the DHS National Cybersecurity and Communications Integration Center in an unclassified bulletin.
“Since wireless MDs are now connected to medical information technology [IT] networks, IT networks are now remotely accessible through the MD. This may be a desirable development, but the communications security of MDs to protect against theft of medical information and malicious intrusion is now becoming a major concern”, the bulletin warned.
“In addition, many HPH [healthcare and public health] organizations are leveraging mobile technologies to enhance operations. The storage capacity, fast computing speeds, ease of use, and portability render mobile devices an optimal solution”, the bulletin noted.
The center explained that the Food and Drug Administration does not regulate how medical devices are connected to the network of the healthcare facility. So it is up to the organization itself to implement a “robust security program” to protect patient information and access to networks from insecure wireless medical and communication devices.