Abbott and The Chertoff Group, a security and risk management advisory group, today released a white paper that shares key findings from a recent study of 300 physicians and 100 hospital administrators on cybersecurity challenges in the hospital environment. Results found that while physicians and hospital administrators view cybersecurity as a priority, the majority of them feel underprepared to combat cyber risks in the connected hospital.
"Cybersecurity is a shared responsibility across all of us working in today’s healthcare system," said Chris Tyberg, Divisional Vice President, Product Security, Abbott. "Hospitals are critical hubs within this system, and as the use of advanced medical technology and attention to cybersecurity and connected health increases, it is important for us to understand the challenges hospitals face and how we can collaborate on potential solutions."
The survey revealed several key findings, including:
· Cybersecurity is a priority in today’s connected hospital: 92% of physicians and 91% of hospital administrators say that keeping patient and hospital data secure is a focus of their hospital.
· Physicians and hospital administrators feel underprepared to combat cyber risks: 75% of physicians and 62% of hospital administrators feel inadequately trained or prepared to mitigate cyber risks that may impact their hospital.
· Physicians and hospital administrators view medical device cybersecurity as a shared responsibility: 71% of physicians and 74% of hospital administrators believe cybersecurity is a shared responsibility among all participants in the healthcare system.
· Communication about medical device cyber-related vulnerabilities can improve: Only 15% of physicians and 45% of administrators report having seen or read advisories related to medical device security in the last six months.
· Standards are widely desired: 82% of physicians and 73% of administrators believe there should be industry-wide standards and consistent terminology.
Using these survey insights, Abbott partnered with The Chertoff Group to develop the white paper on connected healthcare security, which outlines key considerations for managing cybersecurity risk in the connected hospital. The white paper, Building a More Secure Connected Healthcare Environment, identifies ways in which members of the healthcare ecosystem can work together to mitigate cybersecurity risk while preserving the benefits of connected medical devices for patients.
The white paper calls for the healthcare industry to come together to address three key areas:
· Industry-wide standards and cybersecurity by design to ensure cybersecurity protections are built into medical device development and that physicians and patients feel confident in the security and safety of the devices they use.
· Investment in cybersecurity incident response processes for identifying and responding to vulnerabilities in a timely manner, while supporting safe clinical care.
· Improved education, focus and training to increase all stakeholders' understanding of cyber risk in the healthcare setting.
"Today’s cyber risks are constantly evolving, which requires active engagement across the healthcare community to stay informed about the threats targeting Internet-enabled connections and what to do about them," said Bennet Waters, Principal and Head of Strategic Advisory Services at The Chertoff Group. "Engagement across all members of the healthcare ecosystem is critical to ensure that the cybersecurity investments being proposed are effective in clinical environments and that proper cyber hygiene is being applied at every level to contain and minimize risk. Working together, this community can ensure that patients continue to receive the benefits of today’s connected medical devices, which means more responsive and effective care."
Abbott shared the white paper today at the U.S. News & World Report Healthcare of Tomorrow conference in Washington, D.C., which brings together physicians and administrators from the top hospitals around the country. Abbott also hosted a panel discussion on cybersecurity and connected healthcare with a diverse group of healthcare experts, including hospital information security professionals, leading physicians working with connected devices, the U.S. Food and Drug Administration, and other cybersecurity experts. The event reflects Abbott’s ongoing commitment to advance the understanding and management of cyber risks that affect the healthcare industry.