Cyberattacks on hospitals and health insurers have become a regular occurrence – and breaking news in communities where the breaches take place.
A new tip sheet on health care cybersecurity seeks to help reporters who find themselves covering a cyberattack at their local hospital, medical group or health plan. Typically, the attacked entity will issue a press release with the number of affected patients, approximate date of the attack and response.
While reporters can help get the news out to the public and affected patients about the attack, they also can ask important questions about the security of consumer information in the race to adopt new technology.
This summer, hackers breached the systems of one of the largest hospital chains in the Southwest putting the issue of health care cybersecurity back into the spotlight.
Personal information – medical records, financials and health plan information – of up to 3.7 million people may have been compromised, according to Phoenix-based Banner Health and The Arizona Republic. The attack was initiated in June.
Hospital adoption of electronic medical records has happened at a breathtaking pace. Cyberattackers are increasingly savvy. By contrast, many providers lack the skills, technology and financial resources necessary to safeguard these new electronic data systems.
Eighty-five percent of health IT security providers are increasing cybersecurity awareness but the vast majority say they lack the resources or personnel to instill better cybersecurity practices, according to a survey by HIMSS released in August.
Reporters can do a public service by getting the word out to their communities when these attacks happen. Reporters can also go beyond a one-day story to probe the adequacy of security systems at health care entities in their region.