Addressing Essential Challenges in Healthcare Technology Management: From Staffing to Skills

As technology management demands increase with the advent of connected medical devices (IoMT), healthcare organizations are facing significant challenges in scaling risk mitigation operations due to staffing shortages and skill gaps in cybersecurity. Data shows that by 2028, the United States is expected to have a shortage of 100,000 healthcare workers, although the shortfall will vary by state. There is also a huge pipeline shortage of incoming HTM professionals who are essential to manage and maintain advanced medical technologies in healthcare organizations. 

These staffing shortages are particularly challenging for Healthcare Technology Management (HTM) teams. The healthcare IT landscape has grown increasingly complex over the last several years as hospitals and healthcare facilities increasingly turn to the Internet of Medical Things (IoMT) devices to enhance the patient care experience. This means HTM teams must maintain both standalone medical technology and mitigate cybersecurity risks for connected medical devices and the broader network.

Despite the challenges, there are solutions for beleaguered HTM departments to maintain their medical device fleet efficiently, even at reduced staffing.

How the HTM Skill & Personnel Shortage Creates Cybersecurity Risks

IoMT devices have numerous benefits for healthcare professionals and patients. They can facilitate remote care and monitoring, dispense precise doses of medication, and continuously collect and send health data to a patient’s care team. At the same time, the proliferation of these connected medical devices introduces new challenges for maintenance, security, and operational efficiency.

In a post-COVID landscape, healthcare organizations continue to grapple with reduced budgets and staffing shortages, resulting in overburdened departments that are stretched thin, often prioritizing patient care over long-term cybersecurity and technology maintenance. Research from 2023 found that only 47% of hospital IT security teams include medical devices in their cybersecurity strategic planning, while 53% expressed concern about insecure and unmanaged or vendor-managed medical devices.

In some ways, HTM teams face a daunting task with these gray areas. Staffing shortages make it challenging to maintain IoMT, but the healthcare industry increasingly looks to emerging technology to relieve the burden on healthcare providers.

Key Challenges HTM Teams Face:

• Budget: With an ever-increasing pressure to reduce spending, there is a year-on-year growing pressure on reducing budgets, whether for device maintenance or personnel training. 
• Increased Workload: With budget cuts and fewer workers, HTM professionals face increased pressure to do more with less. Staffing shortages result in delays to critical repairs and maintenance, including deprioritization of important initiatives such as cybersecurity.
• Resource Allocation: Understandably, direct patient care and clinical workflows take precedence over HTM operations and efficiency. This often leads to underfunding in HTM initiatives, making new budget and resource allocations for device upkeep and cybersecurity difficult.
• Operational Downtime: As the number of connected medical devices increases, often widening the organization’s attack surface, even well-staffed HTM teams struggle to keep up. Device sprawl can easily overwhelm teams, leading to unavailability as more devices require reconfigurations and security updates.

Ultimately, the burden on HTM teams has a trickle-down effect on direct patient care. When medical devices experience downtime or delays in repairs due to staffing shortages, it can adversely impact clinical workflow, efficiency of patient care delivery, and overall patient care. Addressing these gaps is critical to ensuring that both care delivery and device management are optimized for the modern healthcare landscape.

Four Strategies for Addressing HTM Staffing and Skill Gaps

Healthcare is a critical service. Patients are living longer and battling more chronic conditions such as diabetes, heart disease, cancer, and Alzheimer’s disease—all of which can result in extended stays at a hospital or other inpatient facility. The result? Healthcare facilities need operational medical technology, and they need to address staffing shortages in HTM. Combining technology, data insights surrounding IoMT, staffing solutions, and robust workflow standardization frameworks can help HTM departments accomplish more, even with meager budgets, making the most of in-house staff and augmenting the team where it makes sense.

1. Increased Use of Technology and Automation

However, it’s important to note that traditional passive scanners alone are often insufficient for IoMT device security. Layering traditional security tools with a purpose-built IoMT management platform can allow HTM teams to effectively identify and prioritize threats based on their impact on the healthcare system.

2. Get Insights Into Medical Device Utilization

One of the biggest challenges HTM teams face is keeping track of all the connected medical devices within their network and how much they are being used. This allows HTMs to prioritize remediation based on frequency of use and possible availability for scheduled downtime..

Device inventories in Asimily provide insight into medical device utilization. HTM teams spend a lot of time tracking down mobile medical devices and also assessing its usage for reallocation and redistribution based on capacity needs. When HTM teams leverage Asimily, they can not only locate hard-to-find devices reducing their “could-not-locate” counts but also generate accurate utilization information. HTM teams have used this information for capital budget planning, replacement planning, and reallocation of devices.

3. Staffing Augmentation to Grow In-House HTM Teams

Staff augmentation in healthcare IT is a flexible outsourcing solution that allows healthcare organizations to onboard specialized IT and cybersecurity experts to support in-house teams. This approach helps HTM teams manage critical services without the long-term costs and time investment of hiring full-time staff.

By leveraging staff augmentation, healthcare organizations can scale and accelerate the implementation of cybersecurity programs, improve incident response, and address regulatory compliance requirements efficiently.

Some core functions of the HTM cybersecurity program management that benefit from staff augmentation include:

• Device and Vulnerability Management: Augmented staff can help monitor devices and use risk-based prioritization to identify and secure the most at-risk devices.
• Incident Response and Recovery: A quick response to cyber incidents is the best way to minimize downtime. Augmenting HTM teams with cybersecurity experts can help with containment and recovery.
• Regulatory Compliance and Policy Management: HTM teams can use staff augmentation to assist in developing policies, managing compliance, and ensuring that all security measures meet or exceed regulatory standards.

4. Policy and Compliance Design

Healthcare is a highly regulated industry, and compliance is often linked to cybersecurity. Hospitals and other healthcare facilities handle vast amounts of sensitive patient data, including protected health information (PHI). Regulations such as the Health Insurance Portability and Accountability Act (HIPAA) mandate both physical and technical safeguards for PHI, including secure transmission, encryption, and regular risk assessments to identify vulnerabilities. Of course, threat actors know this, and healthcare is frequently the target of cyberattacks, with 725 large-scale breaches in 2023 alone. 

IoMT devices pose additional regulatory challenges for HTM teams. Many of these devices are not designed with strong encryption or security features needed to protect PHI, and they often run end-of-life (EOL) software, which can make patching vulnerabilities challenging. By leveraging external support for designing policy frameworks and compliance programs, healthcare organizations can ensure they meet these stringent requirements while maintaining a clear direction for managing their device ecosystem.

Combining these strategies will allow healthcare systems to address HTM staffing shortages. This will ensure that the medical device is maintained efficiently, minimizing operational disruptions and, ultimately, improving patient care quality.

Scale Your HTM Team With a Trusted Partner

HTM teams face a growing number of challenges, from managing a sprawling landscape of devices to defending healthcare systems against cyberattacks. Staffing shortages can compound these challenges and place pressure on teams, but there are scalable solutions that can help HTM teams secure medical devices, even in the face of reduced resources.

Finding the right partner allows healthcare organizations to scale their cybersecurity efforts efficiently. By bringing in specialized expertise, HTM teams can better manage cybersecurity risks throughout the entire device lifecycle, from deployment to maintenance and security updates.

Asmily offers bespoke services designed to empower HTM teams. Our comprehensive platform can help them mitigate even persistent cyber risks, all while securing IoMT devices and ensuring that your cybersecurity program keeps pace with modern demands.