Hacked Healthcare: Exploring the Growing Importance of Healthcare Cybersecurity

Healthcare Cybersecurity

Industries across the board are becoming more technology-driven as businesses embrace the digital era, and in many ways, healthcare is leading the way. Hospitals and clinics are transitioning away from paper medical histories in favor of electronic health records (EHR). This is largely thanks to the Medicare and Medicaid EHR Incentive programs, which reward healthcare providers who make the switch to qualifying EHR systems.

The digitization of medical records comes with plenty of benefits, but there’s an element of risk involved as well. Questions about healthcare cyber security were thrust into the national spotlight when hackers caused a data breach at a Los Angeles hospital in February 2016. This wasn’t an isolated incident. There was an average of at least one healthcare data breach per day in 2016.

These cyberattacks have patients worried that the healthcare industry might not be doing enough to protect their medical information. What are the possible consequences of these data breaches, and what can the healthcare industry do to increase their cyber security? We spoke with the experts to get the facts about this complicated situation.

The need to protect sensitive medical information

No one wants their information in the hands of malicious hackers, and this is particularly true when it comes to the highly-sensitive information found in medical records. First there’s the obvious concern: Your private medical history. This includes not only your basic health information, but also details about substance abuse, sexual history and mental health concerns. Those records also contain identifying information, including your social security number, which hackers could use to steal your identity.

The ramifications from a data breach can be catastrophic for both patients and providers. Patients could become victims of identity theft or have their sensitive medical information released to the public. Healthcare practices that are breached may be subject to legal action and regulatory fines, negative PR and even having to close their doors for good, according to Dustin McEarchern of ProTechnical Performance IT Solutions.

Worse yet, data breaches can put patient safety on the line.

“Unsecured medical devices that are connected to or embedded within a patient may present risks that could put patient safety at risk,” says Mike Nelson, VP of Healthcare Solutions at DigiCert. “The ramifications of a patient being harmed by a device that malfunctions due to a cyber security breach are catastrophic.”

Cracks in the system

The healthcare industry’s increased reliance on technology calls for an increase in cybersecurity. Many healthcare providers and insurance companies have recognized that need and are already taking action to protect patient information.

“The good news is that healthcare providers take this extremely seriously,” says Ron Winward, Cyber Security Evangelist at Radware. “Healthcare providers understand that patient information and Personally Identifiable Information (PII) are of their most important assets. There are also strict regulations to enforce them, such as HIPAA and HITECH.”

But protecting patient data is easier said than done. These are just a few of the cracks in the healthcare industry’s cyber security armor that our experts have identified.

Lack of resources

“Where we see non-compliance are in small- and medium-size practices due to lack of knowledge and resources,” says Jacob Ackerman, Chief Technology Officer at SkyLink Data Centers. Changing regulations and compliance requirements coupled with the expense of keeping pace with updated technology puts smaller healthcare facilities at a disadvantage.

Larger practices aren’t immune to the problem, either. They, too, may struggle with protecting patient data with not enough resources to do the job.

“Larger healthcare providers, while typically better resourced and protected, have a much larger attack surface for hackers to try to chip away at,” McEarchern says.

Human error

You may imagine that unsecured technology is the biggest weakness in healthcare cyber security, but that line of thinking fails to take human error into account. “Much attention is paid to sophisticated technology solutions to protect data. Unfortunately none of that addresses the largest problem—people,” Ackerman says.

Hackers can still gain access to sensitive information the old-fashioned way. Printed medical documents that weren’t properly disposed of, passwords left out in the open for anyone to see, a faxed prescription that falls into the wrong hands or an unencrypted email platform can all lead to data breaches, according to Ackerman.

Internal breaches

“We often think about breaches and exfiltration from an outside-in perspective, like an outsider coming in from the internet,” Winward says. But that assumption isn’t always correct. Another tactic hackers may use is to “breach the local office and work [their] way into the healthcare provider network that way, as trusted traffic from trusted IPs.”

How could a hacker manage this without healthcare employees noticing? Winward points out that nearly every exam room in every healthcare facility, from dentist offices to hospitals, has a computer. Patients—and possibly hackers—are often left alone with these computers while they wait to see their doctor.

“Nobody would ever notice a USB plugged into the back of one of those PCs,” Winward says.

The future of healthcare cyber security

The healthcare industry has some shaping up to do if they want to keep pace with changing technology and protect their patients from data breaches. But it’s not all doom and gloom.

“The past several years have offered terrific advancements in protection,” Winward says.

Continuously improving technology and increasing the awareness of healthcare workers is key to protecting patient information.

“Firewall and security software manufacturers are constantly evolving their products with the healthcare industry in mind. Staff cyber security training resources are now widely available and affordable,” McEarchern says.

Beefing up healthcare cyber security is good news for those working in the cyber security field. The Bureau of Labor Statistics (BLS) predicts that cyber security jobs will increase by 18 percent from 2014 to 2024, and it’s all thanks to the need to protect sensitive information from cyber-attacks. The BLS adds, “as the healthcare industry expands its use of electronic medical records, ensuring patients’ privacy and protecting personal data are becoming more important. More cyber security professionals are likely to be needed to create the safeguards that will satisfy patients’ concerns.”

Healthcare providers may have their work cut out for them, but the goal is for cyber security to eventually be an everyday practice in every facility.

“Cyber security needs to become part of the healthcare culture,” Nelson says. “As we continually practice good cyber security, it will become much more natural and a part of how things are done in the industry.”

Could you be a healthcare cybersecurity hero?

The healthcare industry has come a long way toward increasing cybersecurity, but it still has a ways to go. Healthcare providers need innovative information security analysts to help them keep patient information safe from the hands of malicious hackers.

If you’re ready to be the next healthcare cyber security hero, learn how to get started in our article, “How to Become an Information Security Analyst and Fill the Gap in the Tech Field”.


About the author

Ashley Brooks

Ashley is a freelance writer for Collegis education who writes student-focused articles on behalf of Rasmussen University. She believes in the power of words and knowledge and enjoys using both to encourage others on their learning journeys

female writer

Related Content

Related Content

This piece of ad content was created by Rasmussen University to support its educational programs. Rasmussen University may not prepare students for all positions featured within this content. Please visit www.rasmussen.edu/degrees for a list of programs offered. External links provided on rasmussen.edu are for reference only. Rasmussen University does not guarantee, approve, control, or specifically endorse the information or products available on websites linked to, and is not endorsed by website owners, authors and/or organizations referenced. Rasmussen University is accredited by the Higher Learning Commission, an institutional accreditation agency recognized by the U.S. Department of Education.

logo-accreditation-acen logo-accreditation-ccne chart-credential-laddering-associates-bachelors-masters 0 Credits 90 Credits 180 Credits 48 Credits Start Here HIGH SCHOOL GRADS Start Here TRANSFER STUDENTS Start Here SECOND DEGREE PURSUERS End Here ASSOCIATE'S DEGREE Start Here MASTER'S DEGREE PURSUERS End Here BACHELOR'S DEGREE End Here MASTER'S DEGREE chart-credential-laddering-associates-bachelors 0 Credits Start Here HIGH SCHOOL GRADS Start Here TRANSFER STUDENTS 90 Credits Start Here SECOND DEGREE PURSUERS End Here ASSOCIATE'S DEGREE 180 Credits End Here BACHELOR'S DEGREE chart-credential-laddering-msn chart-credential-laddering-nursing-programs chart-credential-laddering-post-grad-np chart-credential-laddering-nursing DNP MSN RN to BSN LPN to RN Bridge Accelerated BSN Professional Nursing ADN Practical Nursing Diploma Pre-Licensure Post-Licensure icon-colored-outline-bank icon-colored-outline-certificate icon-colored-outline-circle-dollar-sign icon-colored-outline-folder-search icon-colored-outline-hand-heart icon-colored-outline-head-blocks icon-colored-outline-head-cog icon-colored-outline-head-heart icon-colored-outline-health-plus-leaves icon-colored-outline-hospital icon-colored-outline-lifelong-learning icon-colored-outline-light-bulb-analytics icon-colored-outline-location-pin icon-colored-outline-magnifying-glass icon-colored-outline-monitor-healthcare icon-colored-outline-monitor-paper-search icon-colored-outline-nurse-rays icon-colored-outline-padlock-shield icon-colored-outline-person-presenter-screen icon-colored-outline-scales ras-logo-flame ras-logo-horizontal ras-logo-stacked icon-colored-advance icon-colored-arrows-cross-curve icon-colored-briefcase-star icon-colored-build icon-colored-bulb-analytics icon-colored-certificate icon-colored-continual-development icon-colored-duo-chatbox icon-colored-folder-mortarboard icon-colored-forward-ribbon icon-colored-gears-clock icon-colored-globe-pen icon-colored-growth icon-colored-hand-bubble icon-colored-hand-stars icon-colored-hands-gear icon-colored-head-blocks icon-colored-head-cog icon-colored-health-plus-leaves icon-colored-hospital-building icon-colored-laptop-cbe-skyscraper icon-colored-laptop-checkmark icon-colored-laptop-webpage icon-colored-location-map icon-colored-location-pin icon-colored-monitor-paper-scan icon-colored-mortarboard-dollar icon-colored-national icon-colored-people-chat-bubbles icon-colored-person-cheer-star icon-colored-person-laptop-checkboxes icon-colored-person-screen-instructor icon-colored-person-whiteboard icon-colored-phone-chatbox icon-colored-police-light icon-colored-prep icon-colored-presenter icon-colored-regional icon-colored-save-time icon-colored-shirt-hat icon-colored-skyscraper icon-colored-state icon-colored-student-centered icon-colored-support icon-colored-world-experience icon-triangle-arrow-up-plant icon-triangle-calendar-pencil icon-triangle-clock-rotating-arrows icon-triangle-display-gears icon-triangle-hand-right-speech-bubble icon-triangle-laptop-coding-brackets icon-triangle-mortarboard icon-triangle-paper-ribbon icon-triangle-person-cheer-star icon-triangle-person-juggle icon-triangle-triple-people-chat-bubble icon-modality-campus icon-modality-field icon-modality-online icon-modality-residential icon-arrow icon-bank icon-camera icon-filter icon-general-chart icon-general-connect icon-general-degree icon-general-discuss icon-general-email icon-general-find icon-general-hat icon-general-heart icon-general-laptop-building icon-general-laptop icon-general-leader icon-general-map icon-general-money icon-general-paperwork icon-general-people icon-general-phone icon-general-speak-out icon-head-heart icon-info-circle icon-mail-forward icon-mglass icon-play-solid icon-quote-mark-left icon-quote-mark-right icon-scales icon-share-square-o icon-simple-chat icon-simple-desktop icon-simple-find icon-simple-hamburger icon-simple-phone icon-spinner icon-tag icon-testimonial-quotes icon-util-checkbox-white icon-util-checkbox icon-util-checked-white icon-util-checked icon-util-chevron-down icon-util-chevron-left icon-util-chevron-right icon-util-chevron-up icon-util-circle-arrow-down icon-util-circle-dot icon-util-language-switch icon-util-loading icon-util-open-window-link icon-util-pdf-link icon-util-refresh icon-util-x rebrand-arrows icon-social-facebook-colored icon-social-facebook-square-colored icon-social-facebook-square icon-social-facebook icon-social-google-plus-square icon-social-google-plus icon-social-instagram-colored icon-social-instagram icon-social-linkedin-square-colored icon-social-linkedin-square icon-social-linkedin icon-social-pinterest-p-colored icon-social-pinterest-p icon-social-twitter-colored icon-social-twitter-square icon-social-twitter icon-social-youtube-play-colored icon-social-youtube-play graduate-cap-star-coin hand-coin hand-heart nurse-stethoscope-rays card-send-smile person-yoga-pose suitcase-star