Hospitals are now notorious for their low cyber-security. Ransomware scammers and hackers often target healthcare institutions because of this. It’s a serious security and privacy issue, as hospitals store a massive amount of personal data. According to a new Management Systems Society (HIMSS) study, a large percentage of healthcare institutions (hospitals, clinics) don’t even encrypt data while they send it to other locations.
Healthcare and Security
Back at the beginning of August, our team reported on the massive hack of Banner Health where 3.7 million customers were affected by a hack targeting the healthcare firm’s catering services (food and beverage outlets.) The giant Arizona-based firm couldn’t protect its customers, and some lawsuits soon followed. Patients trust healthcare institutions with a lot of personal data, and when their hacked, the customer data goes to the cyber-criminals. Few institutions have a larger amount of personal data than hospitals, like Social Security numbers, addresses, health history. That information is necessary for hospitals to run properly, but it’s also threatened by being in their possession.
Healthcare and Ransomware
One of the biggest threats to the healthcare industry are ransomware scams. They target hospitals, not only for their lacking cyber-security but also because healthcare institutions have more to lose if they don’t pay the ransom. If the ransomware virus erases user records, victims are sure to sue the healthcare institution for the damage. Sadly, that’s the least of their problems. These attacks can also cost human lives, as the disruption of hospital routine can lead to a lot of complications. All of this helps the ransomware scammers, who are only looking for a quick payday. They’re not interested in the massive damage their action can do to the patients of the healthcare institution.
Cyber Security Threats and Their Prevention in the Future
The only way to stop the massive amount of attacks on healthcare institutions is for them to improve the quality of their security. This might be expensive at first, but it’s certainly preferable to financing crooks and giving them personal information. The first steps should be the most basic – encryption and employment of firewalls. It’s shocking that some healthcare entities lack those basic measures. That can be very dangerous, as we don’t know where patient data may end up at the end of the line. If healthcare institutions continue to neglect the importance of cyber-security, the attacks are likely going to get worse. As we all know, the prevention is the best medicine. That’s always true, even when the doctor ends ups being the patient.