by As if doctor attrition, a nursing shortage, and a global sense of burnout weren’t enough to unravel an already depleted healthcare industry, cybersecurity breaches have become an inescapable plague on the healthcare system. These violations are now occurring not only more frequently, but also involve violations of increasing severity.
Last week, CommonSpirit, the second-largest nonprofit hospital chain in the United States, based in Chicago, reported a cyberattack that forced the system to reschedule crucial appointments and even take certain IT systems offline until it was mounted. the right answer. Given that the hospital system comprises more than 140 facilities in nearly 21 states, one can imagine the catastrophic cost in both monetary and patient efficiency terms caused by this gap.
CommonSpirit is certainly not the only institution to have faced this devastation in recent years. It joins the ranks of many other healthcare organizations that have found similar breaches, highlighting just how vulnerable the healthcare system is to cybersecurity.
Rick Pollack, president and CEO of the American Hospital Association, wrote in a recent article: “The health care field remains a top target for cybercriminals. According to data from the Department of Health and Human Services (HHS), there has been an 84% increase in the number of data breaches against healthcare organizations between 2018 and 2021. […] The attacks have different objectives and vary in severity. In some cases, cybercriminals steal Social Security numbers and other personal information. Other breaches pose a direct threat to patient safety by shutting down or compromising medical equipment and systems that are critical to patient care.”
WASHINGTON, DC – AUGUST 25: US President Joe Biden speaks during a meeting on cybersecurity at … [+]
The government also recognizes this very serious threat. Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology in the Biden Administration, has indicated that health care is a major focus area for the White House regarding security infrastructure. Government and healthcare officials are also expecting new legislation in the coming months that will better strategize the way forward regarding the healthcare security landscape.
The reason for all this concern? While cybersecurity can cost the system billions of dollars in lost revenue or payments, the most serious and sinister consequence is that it can very tangibly affect the lives of patients. If a cyberattack renders a healthcare facility or organization inoperable, patients requiring timely care may not be able to obtain it. Take, for example, the case of a German woman who was forced to redirect to a distant hospital and died due to treatment delays, simply because the closest hospital to her was closed due to a ransomware attack.
Consistently, millions of people around the world and in the United States already have poor access to health care. It is a well-known fact that there is a significant shortage of health care providers, which means that patients often have to wait weeks or months before they can see a doctor. Therefore, when attacks similar to the one CommonSpirit is facing occur and cause delays in patient care, they can lead to a significant deterioration in the health conditions of millions of people and communities around the world.
Indeed, cybersecurity breaches have significant repercussions, especially when they can affect patients’ lives in very tangible ways. Therefore, without a doubt, cybersecurity infrastructure must become a priority for government and healthcare leaders.
