In addition to that usage of cloud platform by the HIS providers is also increasing the risk of security of
            data.



            e)  Risks of using Internet-enabled connected healthcare devices

            With the introduction of the Internet of Medical Things (IoMT) has made it possible to provide real-time
            care to the patients can save lives in emergency situations like heart-failure, asthma attacks, or diabetes.
            IoMT devices can collect real-time data regarding blood sugar levels, blood pressure, heartbeat etc.

            which  can  be  monitored  by  the  care  provider  to  make  decisions  regarding  medication.  Continuous
            Glucose  Monitor,  Closed-loop  (automated)  insulin  delivery  system,  smart  inhaler,  Bluetooth-enabled

            coagulation system are a few examples of IoMT systems in healthcare. The market of IoMT is growing
                                                                                             ix
            and is expected to drive nearly $47 billion in revenues in healthcare revenue by 2020 . With convenience
            comes the cost. The cost here is the risk of loss of very personal health data captured by these devices

            which are stored using cloud platforms. In one of the cases in 2018, a fitness tracking application Strava
            which is used to track and share daily exercise routes by individuals revealed the sensitive information

                                               x
            about the location of US army bases .
            In sum, security risks faced by healthcare information systems range from ransomware, malware attacks,

            phishing, a threat from inside actors such as employees, HIS solution providers or maybe the technology
            mismanagement.  Table 2 lists some of the significant breaches to understand that these attacks are not

            just limited to a specific type of attack, specific geography or a variety of healthcare information system.



            Table 2: Major attacks faced by the Healthcare industry

             S.N    Year   Organizatio   Type of breach        Impact                   Reference
             o.            n


             1      Mar    Meditab,      Fax  server  wasn’t  Thousands  of  records  https://techcru
                    ch     California    properly secured i.e.  leaked       including  nch.com/2019/
                    201                  no password, giving  medical         records,  03/17/medical-
                    9                    access  to  anyone  doctor’s           notes,  health-data-
                                         who  could  read  the  prescription  amounts  leak/
                                         transmitted  faxes  in  and quantities, as well
                                         real-time.            as  illness  information,
                                                               such  as  blood  test
                                                               results  etc.  The  faxes
                                                               also  included  names,
                                                               addresses,  dates  of






            Cyber Defense eMagazine –June 2020 Edition                                                                                                                                                                                                                         91
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.