Table of Contents
Why Cybersecurity is Important in Healthcare
Healthcare Cybersecurity in the News
Hospital hacks are becoming increasingly common. Breaches come in the form of data leaks or ransomware, each of which the cyber attacker demands payment to rectify.
In 2021, there were an average of 59 data breaches each month and 712 healthcare data breaches reported for the year. Here is a look at some of them:
- In August 2021, Eskenazi Health, a hospital system in Indiana, lost data in a breach. The hospital system did not pay the requested ransom, and the data was posted on the dark web.
- In January, it was found hackers had broken into the email accounts of hospital employees at UMass Memorial Health, exposing the records of over 200,000 patients. Information lost in the breach included Social Security numbers and medical information.
- In February, hackers posted stolen patient data to the dark web in a breach of Leon Medical Centers, which serves eight locations in Miami, and Nocona General Hospital, which has three locations in Texas.
- In October, Johnson Memorial Health lost its data to a breach. In response, the Indiana hospital system had to shut down its network to minimize the damage.
- In March, Rehoboth McKinley Christian Health Care Services in New Mexico was hit with a cyberattack that reduced staff to pen and paper. The hackers stole personnel files and posted them to their website.
- In April, it was discovered that cyberattackers gained access to extensive patient records at UC San Diego Health.
There are dozens of other stories.
In many instances, these hospitals already had healthcare cybersecurity measures in place. But as is often the case, hackers tricked employees into handing over sensitive information, giving them access to hospital systems.
Cybersecurity Issues in Healthcare
Hospitals and other healthcare facilities have been scrambling for healthcare cybersecurity companies to manage their healthcare IT security. Although there are industry standards, cybersecurity in healthcare remains a race to keep up with the latest exploits.
The chief standard to which US healthcare facilities are held is HIPAA, the Health Insurance Portability and Accountability Act, which stipulates security standards for patient data. These standards, however, are not designed to protect hospital cyber systems operations.
Another standard which many healthcare organizations seek to meet are the NIST standards. NIST standards exist for many industries and are specifically geared towards protecting IT systems from cyberattacks.
There are other cybersecurity frameworks as well such as HITRUST, ISO, and COBIT. Each of these has their advantages and disadvantages. With any cybersecurity improvement, there is usually a sacrifice in efficiency or accessibility.
Choosing the cybersecurity framework that is right for your healthcare facilities often requires consulting with cybersecurity experts. However, no matter what standards you adhere to, they cannot substitute for good cybersecurity training among staff.
Cybersecurity is a practice, not a configuration, and is only as good as your organization’s adherence to it. With newly emerging threats every day, this means continuing education on the latest cybersecurity threats.
Interested in learning more? Check out these blogs:
Why Cybersecurity is Important in Healthcare
With the rise in cyberattacks on healthcare institutions, it is becoming increasingly apparent that cybercriminals do not consider the ethics of the targets they select. No longer can hospitals assume that no one would ever attack them.
In today’s world of internet-connected everything, the entire infrastructure of hospitals are now vulnerable to cyber attackers. Securing all of that infrastructure is simply too large of a task for a hospital to handle without trained and certified cybersecurity expertise.
Because hospital budgets are often tight, healthcare providers are turning to managed services providers (MSPs) rather than opting for an in-house IT staff. MSPs manage your IT infrastructure, ensuring that systems are secure and operating normally.
Foresite has a full suite of services to ensure that your systems are secure. We provide our clients with penetration testing, cloud security, network monitoring, ongoing education, and more, ensuring a secure network. Our clients also receive our proprietary ProVision security software.
In the 21st century, hospitals are sitting targets for criminals trying to make a dirty dollar. At Foresite, our certified experts will seal your IT infrastructure from cybercriminals. We can proudly say that we’ve never had a breach. Get the security you can trust. Get in touch today.
Tristin Zeman
Tristin Zeman is the Digital Marketing Manager at Foresite. For the past 10 years, she has helped organizations of all sizes create and scale marketing programs through digital and traditional marketing channels and efficient marketing operations.