Healthcare facilities – such as home health care, assisted living facilities, and nursing homes – are at a high level of risk from cyber-attacks due to the high level of computer-based technology in their facilities. This is not limited to physical computers either; most medical hardware found in healthcare facilities is a computer. MRI scanners, refrigerators, ventilators, certain types of microscopes, and more are computers, and are thus vulnerable to cyber-attacks. If the software in question is outdated or does not have the proper security measures in place, the facility is wide open for attack.
The potential impacts of a healthcare facility’s cyber breach are great. In addition to the obvious potential for disrupting treatments, surgeries, and other facility operations, these facilities contain a great deal of sensitive information. The most lucrative information for hackers can be found in patients’ medical records, as electronic health records contain personally identifiable information (PII) such as social security numbers, health care provider details, credit card information, addresses, treatment history, and, for select facilities, valuable research information. The reputational damage from a cyber breach is also not to be taken lightly; a health care institution’s credibility will be greatly damaged by such an attack.
In order to prevent their networks from falling victim to cyber threats, health care facilities should:
Routinely perform audits of their machinery. Ensure that all software is completely up-to-date and that all technology is performing properly.
Prioritize network security to protect their hospital systems from attack. Segmenting the network will prevent the entire network from being affected if one part is attacked.