Medical cybersecurity vs power quality
The security of patient data is of the utmost concern to healthcare organisations, due in no small part to the increase in the number and severity of cyber-attacks in recent years. However, this isn’t the only risk to digital medical records and sensitive data. Here, Steve Hughes, managing director of medical power quality specialist REO UK, explains the threat poor power quality presents to healthcare.
In early 2017, at least one third of NHS trusts in the UK had their services disrupted due to the infamous WannaCry ransomware attack. This cyber-attack not only locked many practitioners out of their systems but also encrypted patient data and held it hostage — highlighting just how impactful a loss of access to patient records can be.
During the UK Health Show in late 2017, a survey found that most healthcare management professionals feel the NHS is at risk of future attacks. It’s unsurprising then that cybersecurity is a top concern for many healthcare professionals. However, the threat of a malicious cyber attack isn’t the only thing that poses a risk to the integrity of patient medical data; the power quality of healthcare equipment can too.
Power quality is not a new issue for hospitals. Equipment such as X-ray machines and other diagnostic imaging systems, which have been in use for many decades, are prone to causing electrical harmonics and voltage transients. These affect the quality of power in a hospital’s electrical network and can result in unreliable device performance.
However, this poor quality has become increasingly problematic as the healthcare industry has become increasingly digitalised. The current trends in medical technology indicate that these problems will only continue, as explained in REO UK’s state of medical technology whitepaper.
In addition to patient records, which are increasingly stored digitally, there is also a growing number of electronic devices, such as bed management system tablets and portable equipment, which can impact power quality.
Alongside this, consumers are no longer warned against bringing their own devices, such as mobile phones, into hospitals. While there isn’t a risk that these devices will directly interfere with equipment, they can introduce power quality problems if they are connected to the mains supply. This is because the switch mode power supply (SMPS) of the charger can introduce erroneous frequencies into the network, resulting in electromagnetic interference (EMI).
So, what does this mean for patient medical data? The crux of the problem is that electrical issues, such as EMI, is that they can disrupt the operation of equipment and accelerate the wear of components, increasing the risk of device failure.
Part of the routine in a medical appointment is that the doctor reviews, and subsequently updates, a patient’s medical record to ensure the right course of treatment is prescribed and that an accurate record of the appointment is kept.
If interference creates an unreliable power supply to IT systems or a damaging power surge, GPs may be unable to access these files — leading to a risk of cancelled appointments and subsequent expense.
Such events can be mitigated by using network isolators and isolation monitors that provide galvanic separation of equipment. Network isolators such as the REOMED Isonet provide effective electrical isolation of devices in copper wire-bound ethernet networks. The Isonet also protects both equipment and people from the impact of electrical voltage spikes.
Poor power quality might cause more localised problems than the widespread impact of cyber-attacks, but they are equally important to the consistent and effective operation of healthcare businesses. While cybersecurity has understandably been a significant concern for businesses, we must not forget the power underpinning everything.
The only way to ensure the highest level of patient data integrity is to protect it from both digital and electrical threats. By giving both aspects equal consideration, healthcare managers and engineers can keep data secure and remain operational.
For more information on how the medical technology industry is changing and how engineers can keep systems safe, download REO UK’s report on the medical technology sector.