Healthcare Data Security: Protect Patients by Protecting Their Data


In today’s digital world, a healthcare provider’s relationship with patients doesn’t end at the conclusion of an appointment. Healthcare organizations must now go above and beyond to not only provide excellent care, but also protect patient data, a monumental task in an industry that constantly generates data and is vulnerable to attacks that cause downtime.

In fact, a recent report found that 83 percent of healthcare Chief Information Security Officers (CISOs) have seen the number of cyberattacks rapidly increase in the past year, with 45 percent experiencing cyberattacks focused on destroying data.

With the prevalence of cyberattacks targeted at healthcare organizations, fending off attacks and downtime that threaten patient care and violate regulatory compliance has become just as important as fending off the flu.


The healthcare industry is not immune to ransomware attacks and data breaches

Ransomware attacks could be considered the modern-day plaque, with high-profile attacks hitting healthcare organizations seemingly every day. This year alone the United States has seen epic ransomware attacks, from New York’s Olean Medical Group to California’s Seneca Nation Health System.

But organizations outside of the United States are being attacked as well. In 2017, the WannaCry outbreak attacked the United Kingdom’s National Health Service, causing disruption for several days. And the June 2017 NotPetya attack was one of the largest of all times, affecting computers globally including in Tasmania and Copenhagen and causing $10 billion in damage.

Even the most vigilant healthcare organizations experience threats. Sutter Health, a Northern California health care system that serves over 3 million patients, has a robust cybersecurity and disaster recovery program in place that deals with countless cyberattacks daily. In 2018, Sutter Health reported it was hit with around 87 billion cyberthreats.

Planned or unplanned, downtime impacts patient experience

It’s not unusual in today’s digital economy for doctors and nurses to carry laptops or tablets into patient rooms to access patient history, input vitals, and send prescriptions to pharmacies.

Imagine you walk into your doctor’s appointment and they have reverted back to using pen and paper. You may think nothing of it, when in fact it could be a big deal.

That’s what happened at the East Ohio Regional Hospital and Ohio Valley Medical Center when their systems went down due to a ransomware attack. Emergency room patients had to be diverted to other hospitals and the staff went back to paper charting to ensure patient data protection. Despite the facilities’ redundant security measures, the attack was able to penetrate the first layer of security but not the second layer. IT teams worked around the clock to get the systems back online, with their ultimate goal to protect the integrity of patient data.

While downtime due to ransomware attacks can wreak havoc on a medical facility, even planned downtime can have a negative impact on patients.

Consider the scheduled maintenance during the 2019 open enrollment period for in the United States. For 12 hours on Sunday mornings during open enrollment, the site was unavailable for routine maintenance to make updates and improvements to the system. While the Department of Health and Human Services (HHS) made sure the downtime was scheduled during low enrollment periods and ultimately didn’t use the full 60 hours of maintenance, critics said the downtime could potentially hinder users from enrolling in their healthcare plans.

Exceed patient expectations by protecting their data

Providing quality care is critical to meeting patient expectations, but if your systems and data are affected by ransomware and downtime, you are putting patients at risk. Are you confident that your current data protection solution is able to meet the evolving challenges facing the healthcare industry – from ransomware protection to downtime to patient data security?

Ensure your data never gets breached or leaked with a trusted data protection solution from Arcserve.  Arcserve Unified Data Protection (UDP) offers better data protection when patient survival is at stake.