From sensor-equipped wristbands to robotic assistants and comprehensive electronic health records (EHRs), digital health technology’s diverse benefits may come with unexpected safety threats. ECRI Institute produces an annual report on threats to healthcare safety. ECRI’s engineers, scientists, clinicians, and patient safety analysts compile the report from incident investigations, device testing, and problem reporting databases. In determining the most significant dangers, the group considers threat severity, frequency, insidiousness, and profile. The broad range of threats in ECRI’s reports includes dangers that may be disconcerting. Examples of hazards in the 2019 report include infusion pump errors, overhead patient lift mechanical failures, damage from cleaning fluids, and recontaminated endoscopes. However, the 2019 Top 10 Health Technology Hazards report singles out cybersecurity as the most significant concern.

Healthcare cybersecurity is only as strong as its weakest link. Hackers typically don’t target robust protection elements; instead they try to exploit the most vulnerable elements. In traditional computer system attacks, for example, hackers use social engineering to obtain usernames and passwords by trickery and deceit. Security experts are most concerned about health tech with weak or missing security protection that allows remote access to healthcare organizations’ information. Hackers may attack healthcare systems to hold data for ransom, to destroy information intentionally, or even as a prank just to show that they can. No matter what the motivation, the attacks threaten care delivery and put patients at risk.

Health IT professionals and others responsible for electronic healthcare systems must do more to protect everything from networked clinical devices to patient health records. ECRI’s 2019 report executive brief is available for complimentary download.