As health systems become increasingly connected, the number of potential vulnerabilities also arise in the form of endpoints.
Experts at the HIMSS Healthcare Security Forum this week outlined the security hygiene practices necessary to safeguard a system’s endpoint perimeter – including grouping assets, leveraging machine learning and artificial intelligence, and implementing robust threat responses when necessary.
“Even before COVID-19, we started seeing a lot more endpoint devices in healthcare, specifically around wearable medical technology, handheld devices [and] medical apps on cell phones and iPads,” said Heather Roszkowski, assistant vice president of cyber defense and enterprise chief information security officer for Augusta University, during a HIMSS Security Basics segment available on demand.
“But with COVID-19, we saw an immediate expansion with a lot of that,” Roszkowski said. “We had requests coming in left and right for new technologies, especially around telemedicine.”
Balancing the speed of those requests with the need for standard security reviews has proven to be one of the biggest challenges in the wake of the coronavirus pandemic, said Roszkowski.
“From my perspective, I think the definition of endpoint itself has changed,” added Sriram Bharadwaj, vice president of digital innovation and applications at Franciscan Health Information Services.
“An endpoint is no longer inside your network. An endpoint is actually, in some respects, outside your network,” he continued.
During COVID-19, he said, clinical interest in remote patient