There are some places where we take system security for granted. We expect that we’ll need to protect our financial information in case of phishing scams or if a retailer gets hacked. But what about a security attack on a hospital? If you experience a medical emergency, the last thing you want to hear is that you can’t get the treatment you need because the hospital’s security system fell victim to ransomware.
Unfortunately, these kinds of attacks are a reality many hospitals and other critical entities like police departments and state and local governments must face. Ransomware attacks have become increasingly popular in the last few years. The number of health care systems who have experienced security breaches has increased 20 percent in 2019 compared to 2018. Roughly 38 million health care customers have had their medical records breached.
How ransomware impacts health
When hospitals lose control of their system, it can affect not only that building but the entire system, impacting other hospitals, clinics and offices in the area. But once the hospital pays the ransom and regains control of their systems, the problems don’t end.
According to a report published in Health Services Research, the mortality rate at hospitals increases in the months after a cyberattack. This isn’t due to the hackers making malicious medical diagnoses. Instead, the fatal errors occur as a result of how the health care system reacts after the breach.
Naturally, administrators will install better security systems to avoid another attack. Preventive measures include stronger passwords and two-factor authentication. While these are obvious cybersecurity protections, they slow medical professionals who quickly need access to information to make life-or-death decisions. This is proving particularly fatal for health professionals providing cardiac care.
Research shows that fatalities increased by as many as 36 deaths per 10,000 heart attacks at hospitals that recently experienced a data breach. Heart attacks are among the most common medical emergencies and require fast action for patients to survive.
The report’s authors looked at hospitals who have reported a data breach involving more than 500 patients from 2012 to 2016. They examined the time it took a patient to get from the emergency room entrance to receiving an electrocardiogram (EKG). They also looked at the 30-day mortality rate for heart attacks. They compared the results from 311 hospitals that had had data breaches to 3,025 Medicare-certified hospitals.
The researchers discovered the time to receive an EKG increased by as much as 2.7 minutes after the data breach. The lag was still as high as two minutes three or four years after the incident. Those seconds impact the 30-day mortality rate and a patient’s chance at survival.
The research only looked at heart attacks, but cybersecurity breaches impact much more than this one critical ailment. Weaknesses in cybersecurity make it much easier for hackers to exploit the system, in this case leading to fatal consequences.
Let IDMI.Net help you improve your website security to protect your users. Contact us today.