Hospitals Vulnerable to Camouflaged Malware Infiltration

Data security in the healthcare industry is crucial for patient health and safety. By using camouflaged old malware, cyber attackers have been able to penetrate existing data systems. Old malware using a new identity render these viruses unidentifiable by antivirus systems used in the healthcare industry.

Hospitals & Malware

The rising number of cyber attacks targeting the healthcare industry is sparking concern among healthcare providers worldwide. In fact, IBM research shows that healthcare is now the most frequently attacked industry. These attacks can target insulin pumps and MRI machines, equipment used to save lives. Hospitals need to have accurate data to keep their patients' health safe and improving by obtaining software applications with top-notch security programs.

Using camouflaged malware on healthcare organizations has been incredibly successful for attackers. Data breaches cost the healthcare industry $6.2 billion annually and affect 89% of organizations within the industry, making it a very lucrative target for hackers. This means healthcare organizations should develop backup data systems to mitigate the effects of an attack. Backup systems can protect organizations from being forced to pay ransoms for lost data. The Methodist Hospital in Hendersen, KY declared an internal state of emergency this March following an attack because they had no automated backup system. Likewise, Presbyterian Medical Center in Los Angeles paid a $17,000 ransom after being attacked by malware. Maintaining tested backups of critical data is a must for this high risk industry. Without backup data, these organizations must make a decision whether to pay the ransom or lose the data.

Hospitals must carefully construct a Service Level Agreement (SLA) with their application providers to ensure their information cannot be accessed or changed by a third-party. A third-party agreement with a HIPAA-covered provider, like Giva, means that the hospital is no longer completely liable for a data breach. The third-party service provider is contractually bound to protect personal health information (PHI). With a trusted service provider such as Giva, hospitals can remain fully focused on caring for their patients.

With our HIPAA-compliant solutions, Giva has a proven commitment to compliance working with consumers in the healthcare industry. MetroHealth partnered with Giva with a signed Business Associate Agreement (BAA) to ensure their IT support is most compatible with healthcare security requirements. Giva has also helped Athens Regional Health System achieve a 90% SLA compliance with its customers. Contact Giva for more information on how we may assist your organization in ensuring its IT support/PHI/eHR data safety.