Access your Pro+ Content below.
Hospitals bone up on medical device cybersecurity plans
Healthcare cybersecurity can be likened to those old movie westerns pitting the good guys against the bad guys. Back then, however, it was easy to distinguish the white hats from the black hats. Not so in today's complex, sinister world of computer hacking, malware, ransomware and botnets, where the black hats stealthily maneuver through the shadows of a cyberspace that has often been compared to the wild wild west. In some respects, healthcare systems have shown definite signs of improvement in preventing certain types of cybercrimes. But crime reductions in one area can mean increases in other areas as cybercriminals turn their attention to easier and perhaps more lucrative targets that threaten medical device cybersecurity.
The March issue of Pulse opens with the recognition that hackers are forever vigilant at concocting new and innovative ways to steal patient information and disrupt hospital operations. To add insult to injury, the perpetrators are now offering their hacking "best practices" as a service for less than altruistic reasons.
Along those lines, our cover story reports on healthcare's increasing use of and dependence on connected medical devices and the resulting vulnerability to hacks, namely ransomware. But IT analysts and security executives see artificial intelligence and blockchain as effective weapons in strengthening medical device cybersecurity. In another feature, we examine the misconception that security measures to safeguard electronic protected health information contained in clinical files march in lockstep with HIPAA privacy laws. To overcome that false sense of security, healthcare organizations need to closely assess key HIPAA mandates like risk analysis and policy audits.
Also in this issue, crippling ransomware attacks are supplanting health data breaches as the greatest enemy to patient privacy and safety. Statistics show that even though the number of patient records breached plummeted last year, ransomware and malware incidents doubled, security threats from insiders continued unabated, and health organizations took longer to discover they were breached. But there are several steps CIOs and CISOs can follow to protect patient information and shore up cybersecurity.
Access this PRO+ Content for Free!
Features in this issue
More hacker threats, including via connected medical devices, are coming to healthcare organizations, but health IT professionals can look to AI and blockchain for possible help.
Patient data breaches dropped in 2017, mainly due to fewer large-scale breaches, but ransomware strikes intensified and insiders kept hacking.
Medical facilities sometimes believe security is equivalent to compliance with HIPAA -- but not so fast. Organizations must consider other aspects when guarding patient data.
Columns in this issue
Health IT and hospital security professionals must try to stay ahead of cyberattacks against electronic patient records. But now hackers are prepping the next generation.
Worry about health IT cybersecurity has shifted from hacker-triggered health data breaches to ransomware and malware exploits that shut down hospitals and threaten patient safety.
Hospital CIOs who want to ensure that their environments are protected should be sure to implement multifactor authentication and AI-based monitoring to prevent data breaches.