21 Mar Healthcare Has Skipped Prescriptions
Hospitals and other healthcare-related businesses have worked to adopt modern information technology practices and systems. This includes extensive use of electronic health records, broadening use of smartphones and tablets, Internet-enabled medical devices, and patient-friendly systems to increase patient satisfaction. But unfortunately, with this continued adoption of technology, healthcare organizations are falling behind with their cybersecurity checkups needed to ensure the confidentiality, integrity and availability of patient data and networks.
We all know we must protect ourselves against illness and most of us go for annual checkups and get our flu shots. However, some of us take risks and skip exams and flu shots. It seems the healthcare industry has neglected to keep up with their routine checkups and is now paying the price. The healthcare industry is under increasing threats from cyberattacks and intrusions as medical providers go digital.
Where the industry’s cybersecurity shortfalls are will be outlined in the upcoming report from a Department of Health and Human Services (HHS) task force established under the Obama administration The report will detail the state of the industry’s cybersecurity practices.
We have seen this when working with small and medium healthcare business the risks are wide spread and there is no single solution that can address all threats.
Intruders can bring down computer networks, affecting patient care; hack into records and steal sensitive patient data; or breach and alter patient records, compromising their integrity.
The federal government has also taken notice. Officials raised the alarm over the healthcare industry’s vulnerabilities to so-called ransomware attacks in the wake of a breach at the Hollywood Presbyterian Medical Center in Southern California last year. In that incident, a hacker successfully held the hospital’s computer system hostage in exchange for $17,000.
Hackers have increasingly targeted patient records containing Social Security numbers and other sensitive information, in some cases selling them on the dark web.
HHS catalogues breaches of unsecured health records affecting 500 or more people. There have been 50 such breaches since the start of 2017, affecting over 424,000 individuals, according to a review of the public records by The Hill.
Last year, the department reported 329 such breaches, a marked increase over the 280 reported in 2015. The HHS cybersecurity task force uncovered a number of hurdles facing the healthcare industry, including a substantial shortage of technology security talent. The task force found that three-fourths of healthcare providers in the country — largely those of medium and small size, and in rural areas — do not have a single security person on staff.
The release of the task force’s findings and recommendations is imminent. But, the healthcare industry shouldn’t wait until the report is released. They should all prescribe themselves a dose of cybersecurity reality and begin with assessing their cyber-related risk and take the steps necessary to have a clean bill of cybersecurity health.