Data Protection Risks of Using Pagers in Healthcare
Why are hackers going after health care facilities? Doctors and pagers are two things that have been closely linked since the introduction of pagers in the 1960s. For decades, the doctor checking his (and later his or her) pager has been a staple in movies and television.
And while you might have expected pagers to have gone way like rotary telephone (or any kind of wired telephone) you’d be wrong to think they have. Pagers are still in use today, especially in healthcare.
There are good reasons for keeping this seemingly ancient technology. Pagers have a lower infrastructure cost than cell phone or even text. They have better range inside buildings like hospitals. They’ve been proven over decades not to cause radio frequency interference with medical equipment. And pager devices are physically more rugged and resilient than cell phones.
But while it can make sense to still use pagers in healthcare, it is still an older technology. And as is so often the case with older technologies, it can lack the appropriate countermeasures to keep it safe in today’s threat environment.
Understanding the threats that pagers in healthcare face is the focus of our Forward-Looking Threat Research Group’s (FTR) latest paper: “Leaking Beeps: Unencrypted Pager Messages in the Healthcare Industry.”
This paper is based on real-world research and testing in the United States and around the world. In it, our researchers were able to see what healthcare information is being sent to pagers, and what could be stolen out of the air by those with the right tools.
In most cases, the personal information can seem relatively harmless, lacking clear ties to people. But in today’s world of data aggregation and correlation, even seemingly innocuous personal information that is leaked can pose a risk.
Fortunately there are known countermeasures that can be put in place to protect this information. In addition to outlining the risks of using pagers in healthcare, this paper provides guidance on what healthcare organizations can to do better protect this information.
Healthcare isn’t the only industry that uses pagers. This paper is actually the first in a series of papers that outline the use and risks of using pagers in industries. Be sure to check back regularly to see the latest in this ongoing series of research papers.
Posted in: Healthcare, Mobile Security, Security
Posted by: Christopher Budd (Global Threat Communications)
Click here to read the original article.