Telehealth has had a big impact on healthcare over the last year but people on both sides of those video calls are worried about privacy and data security. The Kaspersky Healthcare report 2021 found that doctors and nurses are concerned about data security, potential HIPAA violations and even misdiagnosis due to poor quality video.
The report’s focus was “Telehealth take-up: the risks and opportunities,” but included questions about the overall impact of technology on healthcare as well.
About half of telehealth providers said they had patients who refused to join a video visit due to privacy and data security concerns. Healthcare providers are also worried with 81% citing concerns about how patient data will be used and shared from telehealth sessions, as well as the security of data and personal penalties that might be a result of data leakage during a remote consultation. Also 34% of remote telehealth providers said that one or more clinicians in their organization have made a wrong diagnosis because of poor video or photo quality.
Also, 32% said they had faced cybersecurity problems due to vulnerabilities in third-party technology and 30% said patient data had been compromised during telehealth sessions.
SEE: 8 advanced threats Kaspersky predicts for 2022
Part of the problem is bad cybersecurity habits. Half of the telehealth providers said clinicians use insecure apps to conduct remote appointments, including FaceTime, Facebook Messenger, Whats App and Zoom. Also, 29% said they shared medical data with third parties using an email attachment without a password or digital messenger service.
Arlington Research conducted the survey for Kaspersky and interviewed 389 decision-makers working for frontline healthcare service providers on digital transformation strategy and implementation. Researchers talked with technical experts in 34 countries and survey respondents were split between companies with more than 1,000 employees and firms with 50-999 workers.
Medical advice from algorithms
The survey also asked about the overall impact of technology on healthcare as well as whether digital doctors can replace human ones. Surprisingly, 38% of respondents said they trust advice from AI more than advice from colleagues. However, 51% said they would want a second opinion before following guidance from AI and 57% think “robot surgeons could be hacked and injure patients.
Robotics and telehealth topped the list as the most influential technology:
- Robotics: 57%
- Telehealth: 50%
- Mobile health/self-diagnostic apps: 45%
- Wearables: 34%
- 3D printing: 32%
- Implanted chips: 30%
- Big data: 26%
- Artificial intelligence (non-robotics): 16%
Responses varied by region when the question focused on whether or not technology can replace doctors. Respondents in the Asia Pacific region were most likely to agree with 52% saying that it can. Tech leaders in the Middle East and Africa also think digital doctors could take over at 46%. Those numbers were much lower in North America and Europe, with only 34% and 29% agreeing that this could happen.
Security risks for healthcare providers
In addition to managing data during video consultations, healthcare leaders have security issues with securing all kinds of digital devices. Also, 73% of the group use medical equipment with a legacy OS. These legacy devices persist due to costly upgrades, compatibility issues and lack of internal expertise to upgrade, according to the survey.
Only 30% of respondents said they were very confident their organization could stop cyber attacks but 38% said they have sufficient measures in place to use telehealth safely.
Kaspersky recommends that health systems take these steps to strengthen cybersecurity protections:
- Make endpoint protection a top priority, including computers, office smartphones, tablets, terminals for recording, information kiosks and medical equipment.
- Install regular software updates whenever possible.
- Develop a security solution for unsupported operating systems.
- Implement security awareness training for all employees.
- Establish a strong email security solution and multi-factor authentication.