How to Prevent a High-Impact Cyberattack
Health care remains under siege from ransomware perpetrators. Ransomware accounted for nearly 70% of the successful cyberattacks on health care organizations, according to Verizon’s 2023 Data Breach Investigations Report.
Ransomware attacks have increased in recent years due to health care’s reliance on network and internet-connected technology. They often result in the disruption and delay of health care delivery, which can affect patient safety and outcomes. For instance, ambulances must often divert stroke or trauma patients to distant emergency departments, negatively affecting patient outcomes and creating a regional stress on care delivery.
The impacts of ransomware attacks were underscored during the AHA’s recent “Convening Leaders for Emergency and Response (CLEAR)” Crisis Leadership Series of webinar discussions with member hospitals.
As a real-life example, Stephen Leffler, M.D., chief operating officer at the University of Vermont Medical Center, described the clinical impact of a cyberattack on his hospital, caused by an employee who downloaded home email onto a hospital computer.
The medical center’s electronic health record system went down for 28 days. Its regional lab couldn’t obtain lab results to send to other hospitals in its network or across the state. Its radiology system went down for six weeks.
Cyberattacks like this can also result in compromised medical records, data theft, identity theft, fraud and financial repercussions.
4 Keys to Effectively Prepare for a Cyberattack
John Riggi, AHA’s national advisor for cybersecurity and risk, who moderated the webinar, and panelists shared four ways to prepare for, prevent and respond to high-impact cyberattacks. The panel included: Brian Gragnolati, president and CEO, Atlantic Health System; Stephen Leffler, M.D., chief operating officer, University of Vermont Medical Center; Mark Sullivan, president and CEO, Catholic Health; and Christian Dameff, M.D., assistant professor of emergency medicine, biomedical informatics and computer science and medical director of cybersecurity, University of California San Diego Health.
1 | Collaborate
Collaboration is key to creating emergency response plans for cyber incidents.
- Within your organization, take a multidisciplinary approach — involve not just information technology teams, but also clinical staff, emergency managers and other stakeholders.
- To mitigate the effects of a cyberattack across your region, engage with your local community and coordinate with other health care organizations and relevant stakeholders. That includes establishing prearranged channels of communication for sharing information.
2 | Anticipate
Expect cyberattacks to occur and plan for longer recovery periods, as attacks can last for several weeks.
- Prioritize cybersecurity investments and consider the long-term effectiveness and reliability of technology solutions.
- Educate and train staff; conduct phishing exercises; and have robust incident response, disaster recovery and business continuity plans in place.
- Also develop department-specific cyber disaster plans to help identify high-risk patients and ensure continuity of care during an attack.
- Work closely with staff throughout all efforts to refine processes and gather feedback.
3 | Prepare
Build an evidence base of best cybersecurity practices.
- Invest in research to evaluate the effectiveness of cybersecurity interventions.
- Share findings to elevate cybersecurity in the entire health care sector.
4 | Evaluate
Carefully analyze new technologies and vendors.
- Conduct due diligence when evaluating third-party resources to reduce attack surfaces.
- Demand accountability, evidence-based practices and stronger security measures from technology vendors.
By following these steps, your organization will be more prepared to protect patient safety, ensure continuity of care and mitigate the impacts of cyberattacks. To learn more, listen to the full webinar.
Also, learn how the exclusive, highly vetted panel of service providers in the AHA Preferred Cybersecurity Provider Program can help your organization prepare for, respond to and prevent cyberthreats.