ENISA Warns of Information Security of Smart Hospitals


The ever growing internet of things (IoT) has increased cybersecurity risks to hospitals around the globe, according to the European Union’s network and information security agency (ENISA) latest report

IoT can make health-care more convenient and effective by allowing patients to be treated remotely and more efficiently, but at the same time interconnected information and communication technology (ICT) leaves hospitals open to further cyberattacks such as distributed denial-of-service and ransomware attacks.

ENISA Executive Director Udo Helmbrecht said in a statement that “interconnected, decision making devices offer automation and efficiency in hospitals, making them at the same time vulnerable to malicious actions. ENISA seeks to co-operate with all stakeholders to enhance security and safety in hospitals adopting smart solutions, namely smart hospitals.”  

“There is an increasing level of dependence on IoT devices, which are not know for being particularly resilient,” the report said. ENISA expressed concern that reliance on IoT technology is outpacing the ability to secure the devices and information made available through them.

The report offers the following recommendations: (i) health-care organizations should provide specific information technology requirements for IoT devices and only use state of the art security; (ii) smart hospitals should identify how IoT devices will be connected to the internet and adopt tailored practices; and (iii) device manufacturers should incorporate security into quality assurance systems and involve health-care organizations when designing systems.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update