Sunday, February 18, 2024

Cyber vulnerability in Healthcare

                      

Have we done what we can do to prevent malware attacks on our health systems?  Connecticut Attorney General William Tong was notified recently of a summer 2023 attack that may have affected 109,728 people in that state .. a breach confirmed on only 3 hospitals.

“As you are aware, on August 1, 2023, Prospect Medical learned of a data security incident that disrupted the operations of some of its Information Technology (“IT”) systems. Prospect Medical immediately took steps to secure its systems, contain the incident, and notify law enforcement. Additionally, a third-party forensic firm was engaged to conduct an investigation.”

Data stolen included "patients’ names, addresses, dates of birth, diagnoses, lab results, medications, insurance, and financial data."

Would Joel Vengko suggest that Hartford Health is immune to any such attacks?


According to a March 2023 article in LRV Health, "Joel Vengco started his thesis during the third year of <his> MD-PhD program ... the beginning of the end of his time in medical school, <transforming> his career path ... <to> using data to transform the healthcare industry." Dr. Vengko is focused on innovation, but he isn't ignoring cyber security.

Fierce Healthcare reported in December 2023 that "As of mid-December, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) had received 541 notices of data breaches affecting more than 500 individuals during 2023. Among these were incidents that compromised the information of millions, or even tens of millions, of individuals, as was the case with this summer’s high-profile breach at HCA Healthcare."

So Marty Paslick, CIO of HCA, would have to admit that "attacks forced healthcare providers to adjust their workflows or interrupt services due to lockups of their computer systems."  The Fierce article goes on to quote Mike Hamilton, CIO at Critical Insight, to the effect that  the risk of attack is obviously “escalating, and that the tactics are changing....” 

"Beyond the threat to patients’ lives, these incidents can have a lasting impact on the financial health of a provider organization."  Proactive work is essential... inspiring eWISE focus to help... specifically in the domain of obsolete devices (which pose a large vulnerability unique to the healthcare industry).