Why investment in devices is leaving the healthcare sector more exposed to security threats

Managing digital transformation is a challenge being faced by all organisations, but data handled by hospitals, GP surgeries and other medical institutions is among the most personally sensitive and intimate of any data processed.

Healthcare leaders no doubt have an acute appreciation for this, yet a recent SOTI study painted a worrying picture of a global healthcare sector that’s struggling to manage the security of its devices and avoid data leakage.

In fact, in the UK, nearly eight in 10 frontline healthcare services admitted to having experienced at least one data breach since 2021. We don’t need to look far back to find high-profile incidents such as those involving HCA Healthcare or the NHS.

With huge opportunities to improve productivity and patient care, the move for healthcare organisations to digitise processes and adopt new mobile technologies is essential. But, without adequate device management, costly downtime and security issues are still a real threat. Let’s explore how these issues occur and some of the key considerations for preventing and solving them.

Growing web of devices

According to SOTI’s study, a key contributor to the healthcare sector’s data security challenges is the growing scale and diversification of device implementation. Almost half (44%) of IT professionals in the UK reported an increase in the mix of devices including tablets, rugged devices and printers, being used within their healthcare organisations over the past year. A third also reported an increase in the use of personal devices to access company systems and networks.

However, the absence of direct management or monitoring by IT departments for any device used in the healthcare sector can pose significant data security risks. By ensuring effective oversight and management, IT teams can have full visibility into the location and status of devices, roll out security updates and software patches. In the event of a lost or stolen device they are able to lock it down to prevent any unwanted access. Without this, device malfunctions or compatibility issues can undermine critical healthcare processes, hindering a worker’s ability to deliver timely and accurate care. 

Out with the old, in with the new

Nearly all IT professionals agreed that the use of new technologies is a priority, but issues with technology integration and management can emerge when trying to blend new innovations with old legacy systems. This certainly seems to be the case in healthcare, with 95% of respondents confirming their organisations still actively use legacy systems in daily business operations.

Over a third (37%) agreed that this is causing their networks to be more exposed to cyberattacks and data breaches, but it also means they are spending too much time fixing technical issues and staff are unable to access patient data quickly. Prioritising solutions that aid the management of both old and new technologies offers a short-term solution while areas for improvement are identified and new technologies are being integrated.

When introducing new devices, processes or systems, organisations must provide adequate training and support to employees to maximise investments. For management, ensuring that employees understand the business rationale for the integration of new tech is key to avoiding staff frustration and emergence of data vulnerabilities, amongst other challenges.

Downtime: life or death

The IT professionals surveyed revealed that each employee in their health organisation loses a staggering 3.4 hours on average each week due to technical or system difficulties. This downtime impacts healthcare workers’ ability to provide critical care, often making it a matter of life and death.

Assist Care Group, which specialises in high quality visiting and respite care for people of all ages, is a good example of a health organisation not grappling with device downtime. Through an effective management solution, Assist Care Group has slashed time spent on tech support by over 90% and saved £15,000 per year, liberating highly skilled team members to work on more important tasks. 

The takeaway?

In the healthcare industry, data security is more than protocol – it’s fundamental to patient trust and system integrity. With device management becoming more complex, urgent attention is needed along with adequate investment in resources to mitigate potential vulnerabilities and protect sensitive patient data.


Join our audience of healthcare industry professionals

Join our audience of healthcare industry professionals