As technology continues to gain prominence in healthcare, it plays an increasingly vital role. Advancements in technology have allowed the healthcare industry to stabilize costs, improve access, and personalize care delivery—objectives that were challenging in the past. These benefits come with a potential downside: data privacy issues, which are becoming more concerning as technology advances.

Healthcare

We’ll start with healthcare, as it is the most prevalent. Healthcare data is protected, and that protection is regulated, and all for good reason. This information is the most personal information an individual has and it has no business being in possession of anyone but the provider, the insurer, and the patient. The most well-known regulation for healthcare in the United States is called the Health Insurance Portability and Accountability Act (HIPAA). It was developed to keep personal health data and personally identifiable information (PII) secure. This was necessary as there have been new systems implemented to transfer health and insurance information between healthcare providers and insurers. 

What Does a Security Audit Entail?

A security audit is intended to determine how effectively your business’ security is doing its job. Covering hardware specifications, your infrastructure as a whole, your network policies, the software you’re using, even how your employees behave, a good security audit will give you a complete picture of the protections and safeguards you have in place.

What is BlueKeep?

BlueKeep is a malware strain that was first discovered in May 2019, and was patched in short order to prevent it from becoming another situation like EternalBlue. EternalBlue was the exploit that allowed WannaCry to have such a considerable impact, especially on healthcare providers in the UK. Despite this precedent, however, many hospitals neglected to apply the necessary patches--and that isn’t even the worst part.

The worst part is that the three systems that BlueKeep impacts (Windows 7, Windows Server 2008, and Windows Server 2008 R2) share one thing in common: they have all passed their end-of-life date, and therefore no longer receive security updates.

This makes this situation a two-fold disaster. Not only have patches been released to mitigate BlueKeep, the systems affected by BlueKeep should not be in use anyways.

Of course, it only gets worse, and paints an unfortunate portrait of medical IT. A reported 22 percent of BlueKeep-vulnerable devices are yet unpatched. Worse, 45 percent of connected medical devices remain vulnerable, making things like x-rays, anesthesia machines, and other care-driven technology a risk to use.

Are you concerned about your organization’s technology?

Lean on the IT experts at Coleman Technologies for assistance. We can help any organization ensure that their technology won’t put their operations or their patrons in harm’s way. Learn more about what we can do by calling us at (604) 513-9428.