View more from News & Articles or Primerus Weekly

By:  John F. Queenan, Esq.
Iseman, Cunningham, Riester & Hyde LLP
Albany/Poughkeepsie, New York

Health care is a prime target for cyberattacks, says Russell Branzell, President and CEO of the College of Healthcare Information Management (CHIME), speaking at the March American College of Healthcare Executives’ 2016 Congress on Healthcare in Chicago.

As reported in Becker’s Hospital Review, Branzell’s presentation covered threats, risks and barriers to health systems adopting security measures. Medical information is a prime target, notes Branzell, as it commands a high value on the black market. Theft, fraud and loss of medical data are costly, and Branzell acknowledges that the faces of cyberattacks can belong to anyone, though nearly 15 percent of all documented attacks are carried out by insiders.

Hospitals and health systems become most vulnerable to an attack when unintentional errors are made within the system, and laptops, medical and mobile devices are proving to be a critical weakness, along with vendors who have access to data in the system.

Branzell shared the following actions that can be taken to reduce the risk of a cyberattack:

  • Increase awareness of major threats
  • Implement data exfiltration controls
  • Enhance user education and accountability
  • Put in place vendor security management
  • Implement risk assessment and management programs
  • Improve detection and reaction capabilities
  • Manage long-term challenges around medical devices
  • Plan ahead for possible incidents

For more information about Iseman, Cunningham, Riester & Hyde LLP, please visit the International Society of Primerus Law Firms.