Cybersecurity for Healthcare: Challenges and Best Practices

Threat Intelligence • August 30, 2021

In 2020, there were over 800 attempted attacks per healthcare endpoint – a whopping 9,581% increase over 2019. While the COVID-19 pandemic is largely responsible for this upsurge, these disquieting facts show that the need for cybersecurity for healthcare is greater than ever.

What is Cybersecurity for Healthcare?

In almost every month of 2020, over 1 million people were affected by data breaches against healthcare organizations. Furthermore, at $7.13 million, the average total cost of a breach was the highest in the healthcare industry. In 2021, this has risen to $9.41 million.

Healthcare organizations are vulnerable to cyber attacks because they possess valuable information that’s very attractive to cybercriminals:


  • Patients’ protected health information (PHI) and personally identifiable information (PII)
  • Patients’ financial information
  • Organizations’ intellectual property


This data resides in assets like:


  • Hospital information systems
  • Remote patient monitoring devices
  • Internet of Things (IoT) devices
  • Legacy medical devices
  • Communication systems


Cybersecurity for healthcare protects electronic data and digital assets from unauthorized access, use, disclosure, manipulation or theft. This aim underpins the importance of cybersecurity in healthcare.

Healthcare Cybersecurity Threats

Ransomware


Ransomware is a huge threat in the healthcare industry. A threat actor deploys ransomware on a medical system to encrypt its files and/or data, and then demands a ransom from the victim to unlock them. In 2021, healthcare ransomware attacks cost an average of $4.62 million per incident.


Phishing


Attackers send fake emails that mimic emails from reputable healthcare organizations. Such attacks succeed because victims are often fooled into disclosing sensitive information of high financial value.


HTTPS Spoofing


Hypertext Transfer Protocol Secure (HTTPS) spoofing is an increasingly common problem for cybersecurity in healthcare in 2021. Hackers clone the website of a real healthcare organization and fool users into visiting this fake website and sharing critical information that they would not have shared had they known the truth.


Man-in-the-Middle (MitM) Attacks


In a 2020 survey, 62% of healthcare organizations said they had been a victim of an MitM attack in the prior five years. In such attacks, hackers place themselves between healthcare providers, or between patients and providers, to gain unauthorized access to sensitive data. They may also introduce ransomware into patient records, and deny access to them unless the victim pays a ransom.


Malicious Network Traffic


This has been one of the biggest threats to cybersecurity in healthcare in 2020 and 2021. Malicious traffic is a connection, file or link created and received over a compromised or exposed network. It executes malicious operations like illegal software downloads and snooping, or leads to other problems like malware downloads, ransomware attacks or cryptojacking.

Healthcare Cybersecurity Challenges

More Connected Medical Devices


Over the past decade, the use of hyper-connected medical devices has exploded. However, a majority of these devices still operate on legacy platforms, meaning many are not patched properly. These security weaknesses leave healthcare organizations vulnerable to cyberattacks.


Patient Information is Valuable


On the black market and the Dark Net, patients’ medical records are sold for hundreds of dollars. According to Trustwave, a single healthcare data record may be valued at up to $250.


Remote Access of Devices


With the rise in remote care and telemedicine, medical professionals often use insecure or vulnerable devices to remotely access patients’ medical data. Bad actors could gain control of these devices to steal patients’ data, and even risk human lives.


Inadequate Healthcare Cybersecurity Training


Inadequate healthcare cybersecurity training means that healthcare professionals are not aware of cyber risks, and therefore cannot protect the organization, patients and themselves from cyber attacks and data breaches.

Cybersecurity Regulations for Healthcare

To secure themselves from cyber threats, healthcare organizations must follow the standard cybersecurity frameworks created by regulatory bodies. One such general framework is the NIST Cybersecurity Framework. It enables healthcare providers to establish processes to minimize cyber risk and identify areas for improvement.


A critical healthcare-specific cybersecurity regulation is the Health Insurance Portability and Accountability Act (HIPAA). HIPAA directs healthcare companies to protect patients’ electronic PHI and enforce patient confidentiality.


Other cybersecurity healthcare regulations in the U.S. include:


  • Internet of Medical Things Resilience Partnership Act
  • Medical Device Cybersecurity Act of 2017


Healthcare Cybersecurity Best Practices

Healthcare organizations must protect their devices and data by following some cybersecurity best practices.


Ensure Uninterrupted Adherence to HIPAA


Between 2003 and 2020, there were almost 75 cases of HIPAA non-compliance that resulted in fines of over $116 million. HIPAA non-compliance for healthcare organizations can be very expensive. That’s why they must comply with the two key components of HIPAA related to healthcare data protection:

  • HIPAA Privacy Rule: Implement safeguards to protect patients’ PHI
  • HIPAA Security Rule: Secure the use, creation, receipt, and maintenance of patients’ electronic PHI


Implement Adequate Security Controls


In addition to HIPAA-mandated controls, healthcare organizations should also implement other controls to protect data and assets. One is to ensure that patient information is only accessible on a need-to-know basis. Application control and whitelisting of devices, users and applications are also critical.
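The need-to-know rule and the application allowlist described above can be enforced at the point where a record is read. The following is an added example, not code from the original post or from any product it mentions; the roles, care-team table, allowlisted application names and patient records are constructed sample data. Every decision, allowed or denied, is written to an audit trail, and a request for fields outside the caller's role is denied rather than silently trimmed, because that overreach is exactly what an access review wants to see.

```python
"""Added example, not from the original post: enforcing need-to-know access to
patient records, with an application allowlist and an audit trail that can be
reviewed for access abuse. Roles, care-team table, allowlist and records are
constructed sample data, not a real system."""
from collections import Counter
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Minimum-necessary rule: each role sees only the fields its job requires.
ROLE_FIELDS = {
    "clinician": {"name", "dob", "diagnoses", "medications", "notes"},
    "nurse": {"name", "dob", "medications"},
    "billing": {"name", "dob", "insurance_id"},
}
# Application allowlist: PHI may only be read through approved applications.
ALLOWED_APPS = {"ehr-web", "pharmacy-console", "billing-portal"}
# Care-team table (constructed): clinical staff may only open their own patients.
CARE_TEAM = {"P-1001": {"dr_lee", "nurse_kim"}, "P-1002": {"dr_lee"}}
# Constructed patient records.
PATIENTS = {
    "P-1001": {"name": "Patient One", "dob": "1970-01-01", "insurance_id": "INS-1",
               "diagnoses": ["E11.9"], "medications": ["metformin"], "notes": "stable"},
    "P-1002": {"name": "Patient Two", "dob": "1985-06-15", "insurance_id": "INS-2",
               "diagnoses": ["J45.20"], "medications": ["salbutamol"], "notes": "follow-up"},
}
AUDIT_LOG: list = []  # every decision, allowed or not, is recorded here


@dataclass
class AccessRequest:
    user: str
    role: str
    app: str
    patient_id: str
    fields: set


@dataclass
class Decision:
    allowed: bool
    reason: str
    released: dict = field(default_factory=dict)


def _audit(req: AccessRequest, decision: Decision) -> Decision:
    AUDIT_LOG.append({
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": req.user, "role": req.role, "app": req.app,
        "patient": req.patient_id, "fields": sorted(req.fields),
        "allowed": decision.allowed, "reason": decision.reason,
    })
    return decision


def request_phi(req: AccessRequest, patients=PATIENTS, care_team=CARE_TEAM) -> Decision:
    """Fail closed: every check must pass before any field is released."""
    if req.app not in ALLOWED_APPS:
        return _audit(req, Decision(False, f"application {req.app!r} is not allowlisted"))
    permitted = ROLE_FIELDS.get(req.role)
    if permitted is None:
        return _audit(req, Decision(False, f"unknown role {req.role!r}"))
    record = patients.get(req.patient_id)
    if record is None:
        return _audit(req, Decision(False, "unknown patient"))
    # Clinical roles need a treatment relationship; billing is limited by field set only.
    if req.role != "billing" and req.user not in care_team.get(req.patient_id, set()):
        return _audit(req, Decision(False, f"{req.user} is not on the care team"))
    overreach = req.fields - permitted
    if overreach:
        # Denied outright and logged: the overreach is the signal a reviewer wants.
        return _audit(req, Decision(False, f"fields outside role: {sorted(overreach)}"))
    released = {f: record[f] for f in req.fields if f in record}
    return _audit(req, Decision(True, "ok", released))


def denial_counts(log=AUDIT_LOG) -> Counter:
    """Denials per user: a rising count is worth a look during access review."""
    return Counter(e["user"] for e in log if not e["allowed"])


if __name__ == "__main__":
    d = request_phi(AccessRequest("dr_lee", "clinician", "ehr-web", "P-1001", {"diagnoses", "notes"}))
    print(d.allowed, d.released)
    d = request_phi(AccessRequest("nurse_kim", "nurse", "pharmacy-console", "P-1001", {"notes"}))
    print(d.allowed, d.reason)
    print(denial_counts())
```

In a real deployment the audit entries would go to an append-only store that the application itself cannot edit, and the care-team table would come from the scheduling or admission system rather than a literal; the shape of the checks (allowlisted client, known role, treatment relationship, field minimisation) is what carries over.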


Maintain Secure Backups


All healthcare providers must maintain secure data backups at offsite locations – ideally a HIPAA-compliant cloud server – so they can access them in case of a breach. Ideally, the backups must be part of a larger business continuity and disaster recovery plan.
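A backup is only useful in a breach if it is known to be intact, and ransomware that reaches a backup share will encrypt it along with everything else. The following is an added example, not from the original post: it records a SHA-256 manifest of a backup set, seals that manifest with an HMAC so it cannot be quietly rewritten alongside the files, and reports altered, missing or unexpected files before the backup is trusted for a restore. The directory layout, file contents and key are constructed for illustration.

```python
"""Added example, not from the original post: a SHA-256 manifest for a backup
set, protected with an HMAC so that the manifest itself cannot be quietly
rewritten, and a verification step that reports altered, missing or unexpected
files before the backup is trusted for a restore. Directory layout, file
contents and the key are constructed for illustration."""
import hashlib
import hmac
import json
import os
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Relative path -> SHA-256 for every file under root."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def seal_manifest(manifest: dict, key: bytes) -> str:
    """Serialise the manifest and attach an HMAC; store the result away from the backup."""
    body = json.dumps(manifest, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return json.dumps({"manifest": body, "hmac": tag})


def open_manifest(sealed: str, key: bytes) -> dict:
    """Reject a manifest whose HMAC does not verify (wrong key or altered content)."""
    outer = json.loads(sealed)
    expected = hmac.new(key, outer["manifest"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, outer["hmac"]):
        raise ValueError("manifest integrity check failed")
    return json.loads(outer["manifest"])


def verify_backup(root: Path, manifest: dict) -> dict:
    """Compare the files on disk with the sealed manifest and report every difference."""
    current = build_manifest(root)
    report = {
        "modified": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        "missing": sorted(k for k in manifest if k not in current),
        "unexpected": sorted(k for k in current if k not in manifest),
    }
    report["ok"] = not (report["modified"] or report["missing"] or report["unexpected"])
    return report


def demo() -> tuple:
    """Build a small backup, seal its manifest, then verify it before and after tampering."""
    key = b"constructed-demo-key-keep-real-keys-in-a-kms"  # constructed, not a real key
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "backup-2021-08-30"
        (root / "records").mkdir(parents=True)
        (root / "records" / "P-1001.json").write_text('{"id": "P-1001"}')
        (root / "records" / "P-1002.json").write_text('{"id": "P-1002"}')
        sealed = seal_manifest(build_manifest(root), key)
        clean = verify_backup(root, open_manifest(sealed, key))
        # One file overwritten in place (what ransomware encrypting the backup looks
        # like from the outside) and one file that was never part of the set.
        (root / "records" / "P-1001.json").write_bytes(os.urandom(32))
        (root / "stray.bin").write_bytes(b"\x00")
        tampered = verify_backup(root, open_manifest(sealed, key))
        # A manifest edited to hide the change fails the HMAC check.
        forged = sealed.replace("P-1001", "P-1001 ")
        try:
            open_manifest(forged, key)
            manifest_rejected = False
        except ValueError:
            manifest_rejected = True
    return clean, tampered, manifest_rejected


if __name__ == "__main__":
    for r in demo():
        print(r)
```

The key used to seal the manifest must live somewhere the backup host cannot reach (a KMS or an offline secret store); if it sits next to the backup, whoever can rewrite the files can reseal the manifest too. Running `verify_backup` on a scheduled basis, and again immediately before a restore, turns the backup from an assumption into a checked asset.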


Encrypt All Data


To protect data from intruders, organizations must encrypt data both in transit and at rest.


Conduct Regular Risk Assessments


Cybersecurity for healthcare should not be an intermittent effort, but a regular and consistent one. Regular risk assessments enable healthcare organizations to spot cybersecurity weaknesses and fix them quickly, before they can lead to data breaches or other kinds of cyber threat events.

Conclusion

Some critical healthcare cybersecurity statistics for 2020:


  • Over the last year, healthcare cybersecurity attacks have risen by 55%
  • Hacking incidents comprised 62% of patient data breaches
  • In 572 incidents, more than 41 million patient records were breached


Cybersecurity for healthcare providers is a huge concern. Healthcare organizations must not ignore these risks, but take proactive action to strengthen their cybersecurity posture. Evolve provides strong, highly capable tools designed for cybersecurity for healthcare; get a quote from our cyber security expert.
