From glucose monitors to infusion pumps, the rise in connected medical devices is endangering healthcare cybersecurity, according to findings in Capterra’s new Medical IoT Survey. The survey of healthcare IT professionals also reveals that two in three healthcare cyberattacks impact patient data and nearly half (48 percent) impact patient care.

More connected devices mean more hacks: healthcare organizations with over 70 percent of their devices connected to the Internet are 24 percent more likely to experience a cyberattack than practices with 50 percent or fewer connected devices. However, many practices aren’t taking enough precautions, notes the survey. Some alarming findings include:

  • 57 percent of practices don’t always change the default username and password for each new connected medical device put into use.

  • 68 percent don’t always update connected devices when a patch is available.

  • 82 percent run connected medical devices on old Windows systems.

According to Capterra analyst Zach Capers, “Our research also finds that a plurality of healthcare organizations (40 percent) have between 51 and 70 percent of their medical devices connected to the Internet, either through Wi-Fi or hardwired, while a third (34 percent) have more than 70 percent connected. Only about a quarter of practices (26 percent) have half or less of their medical devices connected. Clearly, the medical IoT is no longer on the rise, but is now firmly entrenched at most healthcare organizations.”

He also notes that “once connected, medical devices often go unmonitored because they lack the ability to run solutions such as antivirus or endpoint protection tools that are typically used for desktop computers and other traditional network devices.” Capers says these IoT devices run on a wide array of software and hardware platforms, which makes them difficult to monitor with a single tool. These factors, he says, mean that many connected medical devices are left wide open to cyberattacks.

Medical device OEMs should take note of these findings. Unfortunately, Capers says that medical devices that do use traditional operating systems commonly run on legacy platforms that are no longer supported and cannot be patched.

“A full 82 percent of our respondents say that at least some of the connected medical devices at their practice run on Windows operating systems older than Windows 10,” says Capers.

Medical device designers must make cybersecurity a priority.

Sherrie Trigg

Editor and Director of Medical Content

For more information, visit here .