Why the Healthcare Industry Needs a Cybersecurity Checkup

As the healthcare industry continues along its accelerated path toward digital record-keeping and electronic medical records (EMRs), hospitals and healthcare facilities of all sizes must prepare for very real possibility of being hit with a cyberattack.

Of course, that’s easier said than done, which is why this month we’re honing in on cybersecurity safety as part of National Cybersecurity Awareness Month (NCSAM), an initiative between the National Cyber Security Alliance and the U.S. Department of Homeland Security. The month of October is an important time to remind and refresh our healthcare communities of the absolute necessity to be on point when it comes to your hospital’s EHR security.

In recent years, according to the InfoSec Institute, stealing medical records has become a multibillion-dollar business on the black market, with such records estimated to be up to 20 times more valuable than a credit card number. With stolen records, hackers can make phony insurance claims, order prescription drugs, buy equipment to resell on the black market, or even use them for themselves or sell them to others—really, the options are as endless as they are profitable.

The reports of hacked hospitals have stacked up over the past few years. In 2017, FortiGuard Labs, a security protection firm, reported that healthcare facilities saw an average of nearly 32,000 attacks per day per organization compared to more than 14,300 attacks per organizations in other industries. Meanwhile, in the second quarter of 2018, 3.15 million patient records were compromised in 142 different healthcare breaches, according to the Protenus Breach Barometer.

Furthermore, the Protenus report found that “30 percent of privacy violations involved repeat offenders, indicating that health systems accumulate risk that compounds over time when proper reporting and education do not occur."

As hospitals face growing threats and hackers become more sophisticated in their attacks, hospitals must perform healthcare cybersecurity checkups or risk compromising the following:

1. Patient Safety. When hospitals are incapacitated by a cyberattack, patients lives could be in danger. For instance, when a Maryland-based healthcare system was attacked in 2016, the hospital was forced to shut down its email and records databases and was unable to provide radiation treatment to its cancer patients for days.
2. Hospital Reputation. When a hospital’s data is compromised, so too are patients’ relationship with their providers. Rebuilding a damaged reputation not only takes time from important hospital duties, but it can also cost a lot of money.
3. Financial Health. According to a recent story from National Public Radio, the average cost of a healthcare breach is estimated to be more than $2.2 million—not to mention the additional cost of sustained operational downtime.

Guaranteeing the safety and security of your hospital is no small task, but it is an essential one. Learn how MEDHOST can help you safeguard your hospital or healthcare facility with our complete cloud solutions managed by our team of highly experienced experts.

Check out the MEDHOST Minute Blog for more videos and blogs on the healthcare industry’s evolving cybersecurity landscape throughout October and NCSAM.