The revolution is underway. More American consumers dramatically increased their use of telemedicine services for healthcare practitioners’ (HCPs) visits (From  11% in 2019 to 46% in 2020  through May) due to the COVID-19 pandemic.

Virtually speaking: Bad things are likely to happen

As providers move into the virtual world, it’s likely that a high-impact cyber incident will turn into a serious risk. Any cyberattack  that leads to the theft of Protected Health Information (PHIs) will put any company in danger of lawsuits and HIPAA violation financial penalties, and also permanently damage the  brand,  impacting revenue.

Irdeto’s in-house cybersecurity threat-risk analysis

Evaluating the current state of cybersecurity in telemedicine platforms: Irdeto identified popular iOS  and Android  telemedicine mobile apps that offer on-demand virtual visits direct to the US consumers. We conducted an in-house cybersecurity threat-risk analysis on both the patient and caregiver apps.

The state of cybersecurity for telemedicine mobile apps is alarming 

Over the  next four weeks, we’ll present our results on iOS and Android telemedicine apps’ (patient side) and detail the various vulnerabilities that the apps face. Our series will conclude with data that provides a comprehensive understanding of the state of mobile app patient and provider cybersecurity on iOS and Android platforms.

Critical threat analysis shows we’re headed toward a crisis

Our conclusions demonstrate the current state of cybersecurity for telemedicine mobile apps needs immediate attention. Current cybersecurity strategies for the telemedicine apps work well in a functional sense, but do not correctly address patient privacy and data safety, especially considering the recent rise and complexity of cyberattacks.  Good enough, is no longer good enough.

Conclusion: Telemedicine vendors beware

If you cannot deliver cybersecurity measures that protect apps that collect and transmit PHIs, you won’t have a stable future in the industry. A strategy that is lean on cybersecurity leads to two outcomes:

  1. Lucky you! Your  app wasn’t attacked by hackers (yet), or
  2. Your app was targeted by hackers, resulting in substantial fines and lawsuits, a damaged reputation and reduced revenue.

The truth is, it is just a matter of time until an attack occurs, and with  the current mobile app cybersecurity measures that are in place, the consequences of these attacks on a provider’s business would be catastrophic.

This is the first of a series of blogs detailing Irdeto’s results on the vulnerabilities of iOS and Android telemedicine apps.

Irdeto offers modular cybersecurity solutions and services for smaller startups to scale up their cybersecurity capability to keep software and medical devices from vulnerability and cyberattacks, meet regulatory requirements and protect patient safety.

Click here to get in touch with Irdeto’s Connected Health team to learn more!

Follow us here to stay up to date! You can also read more here to get our latest content on Connected Health!