Abbott and The Chertoff Group, a security and risk management advisory group, released a white paper that shares key findings from a recent study of 300 physicians and 100 hospital administrators on cybersecurity challenges in the hospital environment. Results found that while physicians and hospital administrators view cybersecurity as a priority, the majority of them feel underprepared to combat cyber risks in the connected hospital.
"Cybersecurity is a shared responsibility across all of us working in today’s healthcare system," said Chris Tyberg, Divisional Vice President, Product Security, Abbott. "Hospitals are critical hubs within this system, and as the use of advanced medical technology and attention to cybersecurity and connected health increases, it is important for us to understand the challenges hospitals face and how we can collaborate on potential solutions."
According to the survey:
- Cybersecurity is a priority in today’s connected hospital: 92% of physicians and 91% of hospital administrators say that keeping patient and hospital data secure is a focus of their hospital.
- Physicians and hospital administrators feel underprepared to combat cyber risks: 75% of physicians and 62% of hospital administrators feel inadequately trained or prepared to mitigate cyber risks that may impact their hospital.
- Physicians and hospital administrators view medical device cybersecurity as a shared responsibility: 71% of physicians and 74% of hospital administrators believe cybersecurity is a shared responsibility among all participants in the healthcare system.
- Communication about medical device cyber-related vulnerabilities can improve: Only 15% of physicians and 45% of administrators report having seen or read advisories related to medical device security in the last six months.
- Standards are widely desired: 82% of physicians and 73% of administrators believe there should be industry-wide standards and consistent terminology.
Using the survey insights, Abbott partnered with The Chertoff Group to develop the white paper on connected healthcare security, which outlines key considerations for managing cybersecurity risk in the connected hospital. The white paper, Building a More Secure Connected Healthcare Environment, identifies ways in which members of the healthcare ecosystem can work together to mitigate cybersecurity risk while preserving the benefits of connected medical devices for patients.
The white paper calls for the healthcare industry to come together to address three key areas:
Industry-wide standards and cybersecurity by design to ensure cybersecurity protections are built into medical device development and that physicians and patients feel confident in the security and safety of the devices they use.
Investment in cybersecurity incident response processes for identifying and responding to vulnerabilities in a timely manner, while supporting safe clinical care.
Improved education, focus and training to increase all stakeholders' understanding of cyber risk in the healthcare setting.