Ransomware Healthcare Financial Patient Loss

Ransomware attacks have only gained momentum since they became a digital threat. Healthcare organizations are the most targeted groups for ransomware attacks due to the sensitive protected health information (PHI) that they store. These attacks result in financial losses and potential downtime for a healthcare system, which may affect patient care.

Financial Losses Due to Ransomware in Healthcare

Ransomware, by definition, is the act of infecting a computer system and holding data hostage until the owner or user pays a fee to release the information. As you can imagine in the healthcare industry, this fee is astronomical given the worth of PHI on the dark web. Healthcare organizations spend an average of $429 per stolen record and according to healthitsecurity.com, the average healthcare organization spent $1.4 million to recover from a cyberattack. These resources are used to:

  • Create a stronger response plan
  • Educate employees on proper cybersecurity practices
  • Advertise after an attack to gain back credibility with the public
  • Bad software installation

This financial loss is also due to the downtime that a health organization experiences. Without an influx of patients and thus money from insurance companies, the facility will take a large blow to their average financial gain.

Loss of Ability to Provide Patient Care

One of the largest issues for hospitals and other healthcare organizations is the recovery time after a ransomware attack. Smaller hospitals and rural care centers don’t have the operating budget to deal with excessive downtime and in many cases, a cyberattack will put them out of business. Security company Emsisoft quoted a county CIO who said the average ransomware incident results in 287 days of recovery time.

During this time, patients have to be directed to other hospitals, medical records are inaccessible, no new patients are admitted and procedures are cancelled. In 2019 alone, 764 organizations in the healthcare sector were impacted by ransomware. Some of the larger occurrences were:

  • Campbell County Health in Wyoming was forced to suspend services including radiology, endocrinology, and respiratory therapy after an attack in October locked up their medical devices.
  • An attack on Wood Ranch medical in California prevented the access of over 5,000 patient files.
  • The Brookside ENT and Hearing Services had to permanently shut its doors after a ransomware incident destroyed all of the Electronic Health Records (EHR). The worst part of this situation was that there was no way for the organization to even contact the patients and let them know of the closing.

Starting from Scratch with New Storage

After an attack, part of restoring a health organization to its former working order requires a complete overhaul of digital systems. Safetydevices.com said that 99% of multiple service providers say Windows operating systems are targeted most frequently by ransomware attacks. Software as a Service (SaaS) applications are also commonly targeted. Performing frequent software updates is a step, but many IoT medical devices are unable to be updated, resulting in the need for higher security on this technology.

Healthitsecurity.com said that data shows that healthcare providers are unaware of 25 to 40 percent of the devices living on their networks, which is another issue that needs to be addressed after an attack. Knowing exactly what data is stored and where the first step in properly securing it from hackers. Using up-to-date software that sends patch updates and having a proper backup solution is a close second.

Encrypted Solutions

A storage device with patient information that isn’t connected to a network is a secure way to protect files in the event your organization is hit by ransomware. Even with the highest security levels on your internal systems, one click on a malicious email results in thousands of dollars in damage control. Having an encrypted backup storage solution will ensure you don’t experience downtime even if you are attacked.

VP from Forescout Technology, Tom Dolan, said that if a healthcare provider doesn’t have the resources to bolster their cybersecurity team, then he recommends they move the liability to an outside vendor. SecureData offers a line of hardware encrypted external hard drives and flash drives that put you in control while keeping your data off of any servers.

The SecureDrive products offer two-factor authentication, brute force anti-hacking, and are pre-loaded with anti-virus to protect data even if the host system has a virus. They are OS independent devices and have storage capacities up to 8TB. Learn more about how these devices can save sensitive information in the case of a ransomware attack by calling 1-800-875-3230.