Remote patient monitoring requires medical device management
While remote patient monitoring devices can be beneficial to hospitals as a way to improve patient engagement, they aren't without their security challenges.
The increased adoption of remote patient monitoring devices is an early indicator that many hospitals are attempting to keep up with advancements in medical device technology. As a result, there are more devices being connected to the hospital infrastructure in order to send the collected data to physicians and nurses.
However, securing and managing those devices poses a new challenge for IT, forcing them to rethink medical device management and consider all the variables this technology introduces compared to traditional workstations and laptops.
The addition of medical devices that monitor patients remotely can boost hospitals' patient engagement efforts by increasing visibility into patients' health. This constant flow of data can help healthcare providers intervene quickly when a device detects certain issues and put the patient's mind at ease that their care providers are constantly monitoring their health.
From an IT perspective, however, this new sprawl of connected devices means more security risks, especially because it only takes one compromised device to cause a data breach. Managing multiple medical devices is also much harder when different vendors have their own operating systems and management tools. Fortunately, there are ways to mitigate some of the risks associated with the use of these devices.
Tracking medical devices improves traceability
IT must track serial numbers, warranties, locations and software versions for any medical device deployed within a hospital so that support engineers can quickly locate those devices if issues like recalls or critical updates arise. IT can use device management tools like Asset Panda or even Excel spreadsheets to keep track of medical devices.
Updating standard operating procedures around medical devices helps improve security
When a medical device connects to a hospital network, it can introduce new risks into the environment if the hospital's security team does not properly vet and evaluate the device. There is always the potential for hidden vulnerabilities no matter how harmless a device seems. IT should implement standards to review a new device's security and configuration to avoid these risks.
Using a centralized device monitoring and management platform
Monitoring connected devices in a hospital is tricky because not every device comes with a software tool that allows IT to track its health and overall activity. This leaves IT with very little knowledge on how to manage the devices and ensure they are operational.
One of the best ways to address this gap is for IT to implement management tools like Azure IoT Hub or SolarWinds to track the connectivity status and overall traffic patterns of these devices. For devices that are outside the hospital, like remote monitoring devices sent home with patients, IT will still have to rely on tools that may be provided by the device maker in order to monitor patients' activity levels.
Checking for firmware, security and other software updates
Another practice to consider when adopting remote patient monitoring devices is keeping their firmware and software up to date. IT should set up monthly or quarterly reminders to check vendors' websites for updates and perform them as necessary.
Hospitals are recognizing the value technology can add when it comes to the use of connected medical devices. Data that is collected remotely allows healthcare providers to proactively monitor patients' health and vitals, but it also introduces a new set of challenges for IT when it comes to adding more network traffic and increasing the attack surface.