Healthcare is, and continues to be, a top target for cyber attacks. And statistics show that won’t be changing any time soon. Cyber criminals are after information they can use and the fact of the matter is, medical files contain the very information the criminals are after. The amount of exploitable financial and personal data held within medical files, puts healthcare cybersecurity at major risk.
The American Medical Association surveyed 1,300 physicians and released their findings of the 5 key things a doctor should know to help safeguard their practice-
- Cyberattacks in physician practices are common.
- Cyberattacks cause operational interruptions.
- Most physicians think that ePHI sharing is important.
- Physicians rely on third-party security assistance.
- New technologies bring new challenges.
#1- Cyberattacks in physician practices are common. It has been reported that four out of five physicians have been victim to some form of cyberattack and almost 55% of these physicians fell victim through a phishing scam. There are other methods that have lead to physicians being attacked, including downloading files encrypted with malware or other potent viruses. With the risk that physicians are at for cyberattacks, it is critical that they are aware of this information, as well as trained on what to look for when a phishing email comes to their inbox.
#2- Cyberattacks cause operational interruptions. In all cyberattacks, the repercussions of the attack can lead to a great amount of downtime that interferes with a businesses ability to function at the ability it needs to. Medical practices are no exception. In fact in was reported of those who reported a system shut-down due to a cyberattack 64% were down up to 4 hours, 20% were down 5-7 hours, 12% were down 1-2 days, and 4% were down for over 2 days. If you are in the medical field, think about how much stressed would be caused by a system shutdown of several hours, much less several days. A cyberattack on your practice can cause huge hiccups in your daily functioning.
#3- Most physicians think that ePHI sharing is important. Electronically protected health information is thought to be an important part of medical practices. While this may be true, all ends of the ePHI sharing need to be cybersecure. If one side is not practicing safe cybersecurity, it puts both ends at risk.
#4- Physicians rely on third-party security assistance. 28% of small medical practices reported that they do not outsource their security management but would be interested in doing so. Those who reported having a third-party security assistance saw the benefits of outsourcing their IT needs to IT experts.
#5- New technologies bring new challenges. With the continuation of medical technologies growing, it means that medical practices have more they have to keep up with in terms of security and protecting their information. Security Awareness Training continues to be the best method of practice in educating physicians and medical staff on what they need to do to protect themselves.
Are you in the healthcare industry? Are you aware of the high need to protect yourself? At The IT Company we have experience and training specialized in healthcare cybersecurity. With information as complex and powerful as medical practices have, it is vital to have an IT department you can trust and rely on.
For more tips on cybersecurity hygiene for those in the healthcare industry, follow the AMA’s physician security tips.