Right to Repair Could Mean More Problems for Hospitals Cybersecurity

This past week, Axios covered the growing challenges hospitals face of cyber-attacks that directly threaten an institutions ability to provide patient care.

According to a report featured in the column, “Health care organizations averaged 1,463 cyberattacks globally per week in 2022, up 74% compared with 2021.” This begs the question, with increased cyber-attacks at hospitals, is now the best time to allow the unfettered access to sensitive hospital equipment?

‘Right to repair’ proponents are urging access to key hardware and software repair information and parts in the name of cost savings. But this ignores important vulnerabilities that such sweeping legislation could mean for the cybersecurity of hospitals.

Aside from the obvious concern of allowing any untrained individual to access and repair complex medical devices that are federally regulated, this exposure could provide another entry point for hackers, risking both patient safety and privacy. As the Axios column pointed out, the hospitals most affected by these attacks are often rural hospitals, and the people they serve could be particularly impacted by the growing number and complexity of cyber-attacks.

Bottom line, the inclusion of medical devices in “right to repair” introduces an unnecessary risk that could jeopardize patients on a number of fronts. Allowing third-party servicers to repair medical equipment dramatically increases the risk of faulty equipment and the leak of patient information.

Read the full article here.