The Security Risks Related to At-Home Acute Care
Also known as Hospital at Home, the program was developed in the U.S. by researchers at the Johns Hopkins University School of Medicine and Bloomberg School of Public Health in 1995. It allowed older adult patients with acute illnesses to remain in their homes and receive hospital-level care, including telehealth and home visits by nurses and physicians. The participating hospitals also provided remote monitoring devices such as thermometers, blood pressure cuffs and videoconferencing software so patients could receive round-the-clock care.
Patients who are eligible for at-home acute care can often avoid many common complications associated with in-person stays at traditional hospitals, such as delirium and functional decline. At-home acute care programs also assist patients in managing the use of multiple medications and avoiding harmful drug interactions.
But decentralized care delivery comes with risks as well as benefits. Consider the hospital end user: bedside clinicians, patients and caregivers. They present potential complexities and vulnerabilities in the security chain.
At-home acute care is also a target-rich environment that can be exploited as easily as opening an unlocked door. All too often, open doors are exactly what malicious actors look for when they target Internet of Medical Things devices.
IoMT is a double-edged sword: It facilitates communication, flexibility and healthcare capabilities for providers and their patients, but can also be a vulnerability point for malicious actors who want to steal protected health information and other critical hospital data. Stolen medical records are considered by some to be more valuable than stolen credit card information.
In response to mounting concerns about the security of connected medical devices, the U.S. Food and Drug Administration announced earlier this year that it would turn up the pressure on new medical device submissions to meet stronger cybersecurity requirements. The U.S. Department of Health and Human Services has also increased coordinated efforts to improve cybersecurity across the healthcare industry.