I also work in Healthcare IT(network admin - well that’s my title but I really do EVERYTHING), and I was thinking of the mobile workstations that are often left in hallways or sometimes in patient rooms where just anyone can walk up and get physical access. We have the machines locked within the carts they’re mounted on, but someone could get to the machines if they REALLY wanted to.
There are also many offices that are open, publicly accessible, and frequently left empty. Someone could EASILY walk in there and connect to a USB port in just a few seconds. Of course, if your network/system is setup right, it SHOULDN’T matter what happens on a local workstation, as the bad code would begin and end there. However, if it’s a workstation that handles sensitive information, a considerable amount of damage could be done.
Exactly right. We see it the same way. I feel that we have an additional burden...if the workstations go down, a surgeon could be up to their elbows in guts...