Last year, the Wall Street Journal reported that Campbell County Health, a 90-bed community hospital was hacked, and attackers demanded a ransom before they would unlock the organization’s computers. The hospital was forced to cancel services including radiology, endocrinology and respiratory therapy while patients had to travel as far as South Dakota for service.
Sadly, this is not an uncommon experience. Cyberattacks have forced doctors, dentists and community hospitals around the country to shut down service or even close their doors forever. Health organizations have a wealth of medical and billing information which makes them an attractive and lucrative target for hackers. Unfortunately, many health care services can’t afford to hire a dedicated cybersecurity specialist to monitor and patch their systems. In other words, many health care providers may have a predisposition to be susceptible to cyber-infections.
Condition Critical: Cybersecurity
When the American College of Surgeons (ACOS) in 1928 established the goal of improving the standards of records created in clinical settings, they inadvertently created an Information Technology headache. Major resources are required to support internal IT functions 7x24x365 to meet the stringent regulations and privacy rules medical organizations operate within. And with the rise of cybercrime, the Data Security and Service Desk/Clinical Support teams within a hospital or clinic are being stretched to the breaking point.
Transitioning to Managed IT Services for these and other functions can make it possible for healthcare IT teams to provide the Service Levels their clinicians and administrators require, but at a lower-cost and with higher effectiveness and security.
Therapy for Your IT Department
When a Managed Services provider provides clinical support, it takes the burden of data security and management off your IT team. That can provide relief in several ways:
- Eliminate the need for onsite data centers
- Provide higher levels of cybersecurity services
- Free up IT resources for clinical applications and growing the business
Of these benefits, the most immediate and pressing is cybersecurity. According to a new report published by Carbon Black, we now know exactly how hackers use stolen healthcare data to their benefit. The report highlighted four different kinds of cyber heists:
- Hacking provider data to steal administrative paperwork — like medical licenses — to forge a doctor’s identity. This data sells on the dark web for around $500.
- Hacking an insurance provider’s login information and then selling it to a buyer, who can then reset the credentials to the database and take a victim’s identity to claim insurance. This can effectively cripple a hospital’s access to patient records and other critical systems.
- Forging health insurance cards, prescriptions, and drug labels with an intention to carry drugs through the airport.
- Using hacked personal health information against individuals who have health issues for extortion and other crimes.
The report also included a survey of a number of chief information security officers (CISOs) from the industry. According to the survey results, 83 percent of surveyed healthcare organizations said they’ve seen an increase in cyberattacks in the last 12 months. Nearly half (45 percent) of the companies said they’ve encountered attacks focused on information destruction over the past year.
There is a Prescription for This Condition
Last summer, Brookside ENT and Hearing Center, a small medical practice in Battle Creek, Michigan, was hacked and held for ransom by cyber criminals.
Dr. William Scalf told local news that a ransomware attack had debilitated his office computer systems and, as of April, Brookside ENT and Hearing Center is no more. More recently, a ransomware incident in August forced Wood Ranch Medical in Simi Valley, Calif., to close its doors, according to a note posted on its website.
Unfortunately, this kind of story is becoming depressingly common. According to National Cyber Security Alliance, 60 percent of small businesses fold within 6 months of a cyber-attack. But as you can see in this case study, a Managed IT cybersecurity service can protect an organization even if hackers do manage to infiltrate your computer systems.
This is why GFC has made cybersecurity a mandatory component of our Managed IT Services offering. If you’re looking for a modern, multi-layered approach to cybersecurity, leverage the knowledge of a Managed IT provider that specializes in helping SMBs deploy world-class cybersecurity services. Reach out to the team at the Gordon Flesch Company today and be sure to check out our Guide to Managed IT for free now!