Security in the age of the Internet of Medical Things

Securing devices, reducing points of exposure

Healthcare is rapidly moving to a completely digitized environment, and, as a result, devices have been introduced to the hospital ecosystem and bedside workflows to help extend and streamline care throughout the hospital. As hospitals move to achieve real-time visibility into their different systems and applications, reduce time away from the patient bedside, and increase the quality of care, new technology has come in to play to improve interoperability of these systems and components. Robust tools like hand-held mobile computers and smart medical devices have allowed clinicians to become more efficient and mobile with patient care. Unfortunately, this new technology has also opened the door to increased risk and new potential points of exposure for healthcare IT infrastructures.

Each network-connected device within a provider’s ecosystem opens up the possibility for patient health information (PHI) exposure as well as the potential for other unauthorized use of critical systems and applications. The result is heightened concern around HIPAA compliance, data integrity, and network and infrastructure security vulnerabilities. Today, Internet of Medical Things (IoMT) security must address the most pressing concerns for healthcare IT leaders including:

  • Privacy concerns
  • Poor physical security
  • Unsecure mobile interfaces
  • Insufficient authentication and authorization

When choosing how to prioritize resources, healthcare organizations must first take a foundational approach to securing devices: strong authentication.

Streamlined access control for network-connected devices for healthcare

Unfortunately, increased security measures can quickly turn in to clinical roadblocks as providers begin to spend more time interacting with security barriers and less time face-to-face with patients. Far too often, in an attempt to reduce the burden of manual authentication and to focus more time at the bedside, clinicians find less than secure ways to access the tools that they need for patient care, ultimately opening your organization up to even more risk.

Imprivata offers several solutions that enable healthcare organizations to balance security and convenience for IoMT devices by streamlining authentication and access controls for clinical users.

Imprivata Medical Device Access
Imprivata Medical Device Access is part of a comprehensive identity and multifactor authentication platform for fast, secure authentication workflows across the healthcare enterprise. Imprivata Medical Device Access combines security and convenience by enabling fast, secure authentication across enterprise workflows while creating a secure, auditable chain of trust wherever, whenever, and however users interact with patient records and other sensitive data. Imprivata is working with leading medical device manufacturers such as Welch AllynPhilips, and Capsule to better enable organizations to implement foundational security best practices with modalities that are tailored specifically to clinical workflows.

Imprivata Mobile Device Access
Imprivata Mobile Device Access is healthcare’s only mobile authentication solution that enables fast, secure access to clinical mobile devices and applications. Users can access shared clinical mobile devices with the simple tap of a proximity badge, and can then single sign-on (SSO) to their applications.

This workflow gives clinicians the same fast, efficient, and familiar authentication workflow that they currently experience when they access virtual desktops and workstations with Imprivata OneSign. With an SSO workflow to shared mobile devices, healthcare delivery organizations can unlock the full potential of mobile devices by ensuring a fast, efficient workflow for clinicians, while maintaining and improving security and auditability.

Users can access shared clinical mobile devices from an ever-expanding list of vendors supported by Imprivata, including Ascom, Honeywell, Zebra, and others.