Most healthcare organizations will say that they are confident in their choice of cybersecurity strategy, despite the continuously growing number of healthcare organization being affected by cyber attacks. One of the biggest cybersecurity threats to the industry right now is the threat of a ransomware attack.

Ransomware is a specific type of malware that can prevent an affected organization from accessing certain parts of their network or system either by denying access to, removing or encrypting data. For example, under a ransomware attack, a hospital and its staff could be locked out of accessing patients’ electronic health records (EHRs) and might be instructed to pay a ransom to the cyber attackers in order to regain access. Paying the attackers, however, does nothing to guarantee that the organization will be able to recover the data quickly or at all.

A recent survey found that ransomware attacks are occurring more regularly than many hospitals might think, showing an urgent need for more awareness and security efforts. More than one out of four healthcare IT employees surveyed admitted that their employer had experienced at least one ransomware cybersecurity attack within the past year. Even more concerning, 33 percent of survey respondents said that ransomware attacks happened more than once to their organizations.

These repeated attacks are not for lack of caring, according to the survey results. For 71 percent of responding employees, having cybersecurity measures in place at their organizations was a top priority to protect their patients. However, lack of resources and/or proper cybersecurity may be holding organizations back from having better safeguards in place to protect them from a ransomware attack.

Healthcare ransomware attacks can be devastating to the organizations involved. As more and more organizations implement connected medical devices and utilize networks with multiple access points, this risk only grows. If a healthcare organization is denied access to their own network, not only is sensitive patient data compromised and the organization in violation of HIPAA guidelines, but patient care could be delayed or hindered, resulting in a life or death situation.

This is why it’s critical for healthcare organizations to implement a variety of security measures, including the obvious malware protection, firewalls and anti-virus software, but also employee training on identifying malicious emails and suspicious links and proper use of connected medical devices. Additionally, obtaining cyber risk services and cyber liability insurance from a provider that specializes in cyber insurance solutions for the healthcare industry can help healthcare organizations identify and prioritize their cybersecurity risks to help prevent repeated ransomware attacks and other cyber attacks.

 

About Highland Risk Services

At Highland Risk, we use our expertise and experience to provide insurance information and programs to those who serve long-term care and senior living facilities. Since 2007, we’ve been offering insurance and risk management plans designed to help our agents give their clients the ability to achieve continued growth while simultaneously protecting against loss, containing costs and increasing profitability. With offices to serve you in Chicago, Illinois and Phoenix, Arizona, we do everything we can to make your experience with us as professional and transparent as possible. To learn more, contact us at (877) 890-9301.