Healthcare Providers Cite Struggles with Medical Device Security, Data Management – Unisys Survey
Less than half have budget allocated to support security strategy; while less than one-third utilize real-time device data capture and analytics to inform purchase decisions
BLUE BELL, Pa., June 5, 2018 – New research from Unisys Corporation finds that less than half of healthcare providers have approved budget for medical device security, despite the fact that the vast majority consider it a strategic priority. Additionally, most providers are not accessing or leveraging real-time data for competitive advantage. HIMSS conducted the online survey of 101 healthcare industry practitioners in the United States and Asia Pacific, on behalf of Unisys.
Recent attacks like the WannaCry virus have spotlighted the security vulnerability associated with medical devices, a fact which has not been lost on providers. Indeed, of those surveyed, 85 percent rated medical device security as a strategic priority, with 58 percent of respondents referring to it as a high priority. However, only 37 percent of respondents said they had approved budgets to implement their cybersecurity strategy. This disconnect was even larger for small and mid-size healthcare providers, with only 29 percent of this group citing approved budget for medical device security.
"It is extremely disconcerting that even though most healthcare providers agree that device security is a top priority, only few have put budget in place to support it," said Bill Parkinson, global senior director, Unisys Life Sciences and Healthcare. "While most life sciences and healthcare organizations understand the need to strengthen device security, many are struggling with legacy devices that were never designed to be internet-accessible – and with the explosion of ransomware and sophisticated cyberattacks like WannaCry, that can put both the provider and the patient at risk."
In terms of security tools, 85 percent of respondents cited using firewalls and Network Access Control systems, while approximately half (52 percent) cited using segregated networks for medical devices.
"To ensure proper security, all devices require equally strong protection – firewalls alone are not enough in today's environment. In this regard, microsegmentation, or the ability to segment and restrict network and device data to pre-authorized groups of users and devices, can be a critical asset for hospitals and medical providers," said Parkinson.
The survey also explored how organizations capture and manage the data gathered by medical devices. While six out of 10 providers said they were ready for device audits at all times, only 30 percent said they were capturing device data on a real-time basis. Going a step further, only 34 percent of healthcare providers utilized analytics captured from device data to inform future medical device purchases.
"The importance of having access to real-time data cannot be underestimated. Not only can data analytics help life sciences and healthcare organizations reduce device downtime by ensuring devices are operational, it can significantly improve audit readiness and better inform future purchasing decisions," said Parkinson.
Unisys leverages deep domain expertise across vertical markets, including life sciences and healthcare. Recently, also announced that its award-winning Unisys Stealth® security software suite featured upgrades to extend protection to purpose-built Internet of Things (IoT) devices and other connected equipment, including medical devices like health monitors and IV pumps. Unisys supports more than 1 million life science incidents and service requests per year through its global service desk offerings.
For more information about how Unisys can help you manage your life sciences and healthcare needs across the globe, please visit http://www.unisys.com.au/industries/commercial/life-sciences-and-healthcare.
About Unisys
Unisys is a global information technology company that builds high-performance, security-centric solutions for the most digitally demanding businesses and governments on Earth. Unisys offerings include security software and services; digital transformation and workplace services; industry applications and services; and innovative software operating environments for high-intensity enterprise computing. For more information on how Unisys builds better outcomes securely for its clients across the Government, Financial Services and Commercial markets, visit www.unisys.com.
Follow Unisys on Twitter and LinkedIn.
Contacts:
Tony Buglione, Unisys, 215-274-1942
tony.buglione@unisys.com
Kate Heckenkemper, H+K Strategies for Unisys, 214-584-6060
Unisys.Team@hkstrategies.com
Unisys and other Unisys products and services mentioned herein, as well as their respective logos, are trademarks or registered trademarks of Unisys Corporation. Any other brand or product referenced herein is acknowledged to be a trademark or registered trademark of its respective holder.