The services of telemedicine they were one of the great technological successes of the pandemic. Just as cloud-based services helped professionals remain productive, telemedicine consultations ensured that doctors could continue to provide healthcare and advice without endangering their patients or staff.
Now that this practice has been normalized, new privacy and security concerns are arising. Are telemedicine services safe? Is patient data adequately protected? Could that data be sold to third parties or stolen by cybercriminals?
Indeed, the medical data of the users they are usually quite interesting for cybercriminals, as they include personal and financial information that can be monetized through identity fraud. Among them can also be potentially embarrassing and intimate medical information, which could even be used as a bait in successive extortion attempts.
exist multiple risk vectors, both from the applications themselves and their developers as well as the devices of patients and healthcare personnel. Below, we share some of the most important, according to the cybersecurity company ESET.
Many data
According to the British non-profit organization Privacy International, “the challenge of telehealth apps is also the purpose that drives their existence; collect health data from people. Add that
some telemedicine apps “collect and store vastly more data” than traditional healthcare providers. This puts them at risk of being sold to third parties or stolen/filtered if the ‘app’ provider suffers a security incident.
Software failures
Telehealth software may contain security flaws that can be used by cybercriminals to obtain patient information and commit fraud.
Be careful with redemptions
If users use weak or easily guessed passwords, there is a risk that cybercriminals will hijack their accounts and collect medical or financial information. The password reuse it is also a major threat. If you use the same password for your telemedicine app as you do for other sites and apps, in the event of a hack, criminals could use the same credentials to unlock your telehealth app.
fake ‘apps’
Another classic technique used by cybercriminals to compromise user data is to place on application download platforms legitimate looking apps with hidden malicious code and wait for unsuspecting users to download them. This virus can be used to obtain personal and financial data from the associated phone.
Risk of connected devices
Just like telemedicine apps collect vast amounts of data, connected devices like health monitors can too. Some indicate the location and activities of the userfor example, and can be stored by both the healthcare provider and the manufacturer of the device or app, multiplying the risk of leaks, breaches and subsequent sale to malicious third parties.
How to protect ourselves
If you want to avoid problems caused by the use of telemedicine, it is important that you take some precautions. To begin with, that you protect your device with proven antivirus software.
As always, it’s important to always use strong and unique passwords and add multi-factor authentication, where available. In addition, you must always keep the latest version of the telemedicine and chat applications, and check what measures the operator takes to keep data protected from third parties.
Also, try to avoid using these solutions when you have to use a device that is not yours or a public Wi-Fi network. Finally, don’t make a telehealth appointment or share information with a provider you don’t know, or with contact information you don’t recognize.