The revolution is underway. More American consumers dramatically increased their use of telemedicine services for healthcare practitioners’ (HCPs) visits (From 11% in 2019 to 46% in 2020 through May) due to the COVID-19 pandemic.
Virtually speaking: Bad things are likely to happen
As providers move into the virtual world, it’s likely that a high-impact cyber incident will turn into a serious risk. Any cyberattack that leads to the theft of Protected Health Information (PHIs) will put any company in danger of lawsuits and HIPAA violation financial penalties, and also permanently damage the brand, impacting revenue.
Irdeto’s in-house cybersecurity threat-risk analysis
Evaluating the current state of cybersecurity in telemedicine platforms: Irdeto identified popular iOS and Android telemedicine mobile apps that offer on-demand virtual visits direct to the US consumers. We conducted an in-house cybersecurity threat-risk analysis on both the patient and caregiver apps.
The state of cybersecurity for telemedicine mobile apps is alarming
Over the next four weeks, we’ll present our results on iOS and Android telemedicine apps’ (patient side) and detail the various vulnerabilities that the apps face. Our series will conclude with data that provides a comprehensive understanding of the state of mobile app patient and provider cybersecurity on iOS and Android platforms.
Critical threat analysis shows we’re headed toward a crisis
Our conclusions demonstrate the current state of cybersecurity for telemedicine mobile apps needs immediate attention. Current cybersecurity strategies for the telemedicine apps work well in a functional sense, but do not correctly address patient privacy and data safety, especially considering the recent rise and complexity of cyberattacks. Good enough, is no longer good enough.
Conclusion: Telemedicine vendors beware
If you cannot deliver cybersecurity measures that protect apps that collect and transmit PHIs, you won’t have a stable future in the industry. A strategy that is lean on cybersecurity leads to two outcomes:
- Lucky you! Your app wasn’t attacked by hackers (yet), or
- Your app was targeted by hackers, resulting in substantial fines and lawsuits, a damaged reputation and reduced revenue.
The truth is, it is just a matter of time until an attack occurs, and with the current mobile app cybersecurity measures that are in place, the consequences of these attacks on a provider’s business would be catastrophic.
This is the first of a series of blogs detailing Irdeto’s results on the vulnerabilities of iOS and Android telemedicine apps.
Irdeto offers modular cybersecurity solutions and services for smaller startups to scale up their cybersecurity capability to keep software and medical devices from vulnerability and cyberattacks, meet regulatory requirements and protect patient safety.
Click here to get in touch with Irdeto’s Connected Health team to learn more!