4 Key Ways to Prepare for, Prevent and Respond to High-impact Cyberattacks

Oct 02, 2023 - 07:00 AM by
John Riggi, National Advisor for Cybersecurity and Risk, AHA
Cyber_Blog_900x400_4KeyWays_1023.jpg

I (John Riggi) recently moderated a webinar discussion as session three of the American Hospital Association’s Convening Leaders for Emergency and Response (CLEAR) Crisis Leadership Series. CLEAR’s purpose is to strengthen health care organizations’ ability to prepare for, respond to and recover from future emergencies and disasters — in the case of this webinar, cyberattacks on hospitals and health systems, and in particular, ransomware attacks.

Potential Impacts of Ransomware and Other Cyberattacks

Ransomware attacks have increased in recent years due to health care’s reliance on network and internet-connected technology. They often result in the disruption and delay of health care delivery, resulting in a risk to patient safety and outcomes. For instance, ambulances must often divert stroke or trauma patients to distant emergency departments, negatively affecting patient outcomes and creating a regional stress on care delivery.

As a real-life example, Stephen Leffler, MD, President and COO at University of Vermont Medical Center, described the clinical impact of a cyberattack on his hospital, after an employee downloaded their home email on their work computer:

  • The medical center’s electronic health record system went down for 28 days.
  • Its regional lab could not get lab results back to other hospitals in its network or across the state.
  • Its radiology system went down for six weeks.

Such a cyberattack can also result in compromised medical records, data theft, identity theft, fraud and financial repercussions.

Three other health care leaders joined the conversation with Dr. Leffler and me:

  • Brian Gragnolati, President & CEO, Atlantic Health System
  • Mark Sullivan, President & CEO, Catholic Health
  • Christian Dameff, M.D., Asst. Professor of Emergency Medicine, Biomedical Informatics & Computer Science and Medical Director of Cybersecurity, University of California San Diego Health

What can your hospital or health system do to proactively prepare for a cyberattack with plans to maintain both business continuity and, more importantly, clinical continuity?

4 Keys to Effectively Preparing for a Cyberattack

  1. Collaborate. Collaboration is key to creating emergency response plans for cyber incidents.
    • Within your organization, take a multidisciplinary approach — involve not just IT teams, but all leadership across your organization as well as clinical staff, emergency managers and other stakeholders.
    • To mitigate the effects of a cyberattack across your region, engage with your local community and coordinate with other health care organizations and relevant stakeholders. That includes establishing prearranged channels of communication for sharing information.
  2. Expect cyberattacks to occur and plan for longer recovery periods, as attacks can last for several weeks.
    • Prioritize cybersecurity investments and consider the long-term effectiveness and reliability of technology solutions.
    • Educate and train staff; conduct phishing exercises; and have robust incident response, disaster recovery and business continuity plans in place.
    • Integrate cyber incident response planning with emergency response planning.
    • Also develop department-specific cyber disaster plans to help identify high-risk patients and ensure continuity of care during an attack.
    • Work closely with staff throughout all efforts to refine processes and gather feedback.
  3. Build an evidence base of best cybersecurity practices.
    • Invest in research to evaluate the effectiveness of cybersecurity interventions.
    • Share findings to elevate cybersecurity in the entire health care sector.
  4. Evaluate new technologies and vendors carefully.
    • Conduct due diligence when evaluating third-party resources to reduce attack surfaces.
    • Foster accountability, evidence-based practices and stronger security measures from technology vendors.

By following these steps, your organization will be better prepared to protect patient safety, ensure continuity of care and mitigate the impacts of cyberattacks. To learn more, listen to the Webinar.

Learn how the exclusive, highly vetted panel of service providers in our AHA Preferred Cybersecurity Provider (APCP) Program can help your organization prepare for, prevent and respond to today’s pressing cyberthreats.

Related News Articles

Headline
CISA extends comment period for proposed rule on cyber incident reporting
The Cybersecurity and Infrastructure Security Agency May 3 extended the comment period to July 3 for the April 4 proposed rule that would implement cyber…
Headline
White House releases critical infrastructure memo empowering CISA to strengthen health care security 
The Biden Administration April 30 released a memo announcing updated critical infrastructure protection requirements, which include the Cybersecurity &…
Headline
Agencies issue cyber advisory on North Korean spear phishing efforts 
The FBI, State Department and National Security Agency issued a warning about attempts by North Korean state-sponsored cyberthreat actors to exploit improperly…
Headline
Lawmakers grill UHG CEO at hearings following Change Healthcare cyberattack
Senate and House lawmakers May 1 grilled UnitedHealth Group CEO Andrew Witty about the continued fallout from the Feb. 22 cyberattack on Change Healthcare —…
Headline
AHA advertorial: Is UnitedHealth Group ‘Too Big To Fail’? 
“If you are asking yourself how a cyberattack on a single company could cause such massive damage, you are asking the right question,” an AHA advertorial in…
Headline
AHA provides update to Senate, House committee leaders ahead of hearings on fallout from Change Healthcare cyberattack 
The AHA April 29 provided the Senate Committee on Finance and House Energy and Commerce Subcommittee on Oversight and Investigations an update regarding…