According to the NY Times, many public and private healthcare organizations are overwhelmed by faxes and paper workflows for Covid-19 testing and tracking and are looking for digital solutions to rapidly scale to meet the exponential growth in demand for their services.
In September of 2020 amid the COVID-19 pandemic, the computer systems of a major U.S. hospital chain, Universal Health Services, representing over 400 locations, came under a ransomware attack. Over the course of a weekend, all computers went down and staff was rendered digitally powerless and forced to function manually via pen and paper, including updating patient information and handwritten prescriptions. This example, among many others, serves as a reminder that no one organization or person is safe from a potential cyber-attack. Oftentimes the best defense is being well-prepared for the inevitable.
Statistics compiled by Techjury reveal that in the last decade, there have been over 2,550 data breaches in the U.S. healthcare industry, with millions of records being affected. If this is not enough to heighten the level of concern of several healthcare companies, the next statistic will. By the end of 2020, security breaches are expected to cost the healthcare industry 6 trillion dollars. This is a significant increase from the $3 trillion figure projected in 2017.
The COVID-19 pandemic continues to move dangerously through countries across the world. Its effects can be felt by businesses, large and small, that have had to shut their doors for an extended period of time in hopes of slowing its spread.
Throughout this time, hospitals have been our most essential resource in terms of battling the pandemic and caring for patients. Walk-in clinics and other healthcare facilities that are not hospitals have had to shut their doors, opting to care for patients through telehealth systems instead. Though we will not know the extent of mass telehealth use and adoption until after economies open, and the virus is behind us, we can draw safe conclusions to the fact that they have been well widely-used by patients thus far.
At the onset of the Covid-19 pandemic, many healthcare providers were sent "scrambling" to transition their clinics from in-person to telehealth operations. The U.S. Department of Health and Human Services (HHS) moved quickly to ease regulations for healthcare providers, ridding them of some of the stress associated with meeting certain HIPAA compliance criteria.
There has been exponential growth in cyberattacks since the onset of the COVID-19 pandemic.
- FBI investigators have observed a 300% increase in cybercrime events
- The first half of 2020 logged more than 445 million cyber attacks
- In March of 2020 alone, COVID-19-themed spear phishing emails skyrocketed 667%
Nowadays, more than ever before, we are reminded to stay on top of our hygiene. Whether it is frequently washing our hands, sanitizing work stations, or keeping our distance from others, regular practice is key to preventing illness.
As we develop routines to keep ourselves physically clean, it is important to ensure that we also do not neglect the regular protocols that our technology demands. From computers to mobile phones and everything in-between, there are approximately 200 billion connected devices worldwide. These very devices are often home to our most sensitive data. Keeping these items safe from hackers, viruses, and malfunctions requires regular upkeep. With this in mind, we have a few important considerations for building out a new or stronger "immune" system for your cybersecurity hygiene plan.
In the past, the concept of cybersecurity and innovation complementing each other was considered odd. Today, it is not only normal, but expected from CIOs. However, the stereotype that digital transformations and other forms of innovation would increase the occurrence of security incidents continues to affect organizational development.
One of HIPAA's most crucial administrative safeguards is the implementation of "policies and procedures to prevent, detect, contain, and correct security violations." This particular safeguard requires a great focus on risk analysis and management, reducing risk, as well as implementing the necessary measures to keep vulnerabilities at a reasonable level.