• linkedin
  • Increase Font
  • Sharebar

    Recent cyberattacks expose physician practice weaknesses

    The recent rash of cybercrimes that either directly targeted or impacted healthcare institutions, including May’s WannaCry ransomware attack, demonstrates that many in the medical community don’t have strong enough electronic security.

    “Sometimes the small practice physicians think they won’t be targeted because they have less information, but what we’re learning is that everyone is vulnerable because health data is very valuable,” said Deven McGraw, deputy director for Health Information Privacy for the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS).

    Consider a statistic from the nonprofit HITRUST Alliance, a collaboration of public and private healthcare technology, privacy and information security leaders. It found that 40% of doctor offices and medical practices working with HITRUST on cybersecurity had active malware or spyware after an assessment.

    HITRUST CEO Daniel Nutkis said many physician offices aren’t following even the basic security measures to prevent attacks like WannaCry. They lack up-to-date hardware and software, they fail to download security patches and they skimp on endpoint and network security technologies.

    “When you have deficiencies in all these areas, you’re set up for failure,” said Will Long, CISSP, CPHIMS, vice president and chief information security officer for information systems at Children’s Health, a pediatric healthcare system in North Texas that includes Children’s Medical Center Dallas and Children’s Medical Center Plano..

    Long said he sees many physician groups affiliated with his medical institution struggle in those areas because they’re, understandably, focused first on patient care and don’t have a dedicated staff member to handle IT, let alone cybersecurity.

    Next: Simple steps to combat malware

    0 Comments

    You must be signed in to leave a comment. Registering is fast and free!

    All comments must follow the ModernMedicine Network community rules and terms of use, and will be moderated. ModernMedicine reserves the right to use the comments we receive, in whole or in part,in any medium. See also the Terms of Use, Privacy Policy and Community FAQ.

    • No comments available

    Latest Tweets Follow