When scheduling your next checkup or appointment at the doctor’s office, a few things may come to mind: rearranging your work schedule, covering the copay or visit cost, anticipating the next steps or outcomes of the visit and so on. It’s rare that a patient considers the potential threat of a cyber attack during a standard doctor visit. But as we've seen from recent examples such as malware faking cancerous nodules, hospitals, health systems, private practices and others in the healthcare field can't ignore looming and potentially devastating cyber threats...especially as adversaries become more sophisticated and as our interconnected world expands the attack surface.
The healthcare industry has a huge target on its back when it comes to cyber adversaries. From patient records, communication tools, medical devices, even down to the elevators inside the hospital, it is critical for the industry to have a pulse on physical and cybersecurity threats to keep operations up and running. Unlike many other industries, the manipulation of healthcare data and technology can literally be a life or death situation – so security is of utmost importance.
Unsecured Internet of Things (IoT) devices like smartphones provide an easy gateway for cybercriminals wanting to get inside your network. But the risk goes beyond just laptops and smartphones – wearable technology and even medical devices are at risk if not properly secured. In fact, just last year the FDA warned of vulnerabilities in medical devices like pacemakers and defibrillators. When it comes to any kind of data or device, security must be top of mind.
April marked the worst month to date for healthcare data breaches. According to HIPAA Journal’s April 2019 Healthcare Data Breach Report, there were a grand total of 46 healthcare data breaches. Perhaps even more troubling, the number of incidents caused by insiders was greater than those perpetrated by external threat actors, which is a security characteristic unique to the healthcare industry.
What’s Behind Healthcare Cyber Attacks?
Besides being a viable, wealthy host for cyber parasites, there are other reasons healthcare systems fall prey to attack:
- Misuse of technology
- Physical theft
- Outdated software
- Hackability of Internet-connected devices (i.e. smartphones, pacemakers)
- Human errors
The HIPAA Journal Report notes that the number one cause of breaches was human error with doctors and nurses being 14 times more likely to cause breaches of medical information. That’s not to say your healthcare providers aren’t working to protect you. In many cases, there is a lack of awareness and resources to effectively remedy the problem.
Solutions for Better Cyber-Hygiene
Though the risk of attack looms, there are certain protocols and precautions that can be put into place to prevent a breach. When healthcare professionals are well-equipped and have the right tools, their organizations stand a better chance against cyber attacks.
Protection should begin with the frontline staff. From the IT staff to the medical scribes, increasing awareness and educating staff members on potential security threats, vulnerabilities and risky behaviors is critical.
One way the industry can build immunity around misuse of data is through information sharing, or collective defense. Information sharing is essential to bolster the industry’s cyber defense strategies. With a collective approach, the healthcare industry can work to share threat information in a more collaborative manner and better coordinate against attacks.
It’s not lost on us to monitor our health and take certain measures to protect ourselves from illnesses, viruses and diseases. Now, we must adopt the same approach to our online health and encourage our families, friends, co-workers and industry leaders to do the same.
Lastly, as important as it is for healthcare industry professionals to have a pulse on the cybersecurity trends and best practices, it is equally important for PR firms to have a finger on the pulse when it comes to dynamic industry trends – especially since the U.S. healthcare industry is growing at a rapid pace, with the market predicted to reach $104.5 billion by 2020.
Merritt Group’s "Health IT Media Coverage and Digital Trends Report" examines the changing media and marketing landscape and illuminates opportunities that enterprise technology healthcare companies can leverage for increased visibility.
Download Merritt Group's Health IT report to get the latest pulse on cybersecurity trends in the healthcare industry.