Patients renew demands for better protection of medical records
The publicity around the recent WannaCry ransomware onslaught has raised the awareness of patients, and the ransomware attack has renewed their demands that providers protect their sensitive health information.
That’s evident from the results of a recently completed survey, which found that 68 percent of consumers said they would consider leaving their healthcare provider if it was hit by ransomware.
Carbon Black, a security firm specializing in protecting network endpoints, conducted the survey of 5,000 individuals the weekend that the WannaCry ransomware event was gaining international headlines, as it crippled facilities in the United Kingdom’s National Health Service.
The front-page headlines made an impression—57 percent of consumers said WannaCry was their first exposure to how ransomware works.
The survey found that about seven in 10 consumers trust their healthcare providers and financial institutions to keep their data safe and unencumbered by ransom malware, but only 52 percent trust retailers to protect their information, says Michael Viscuso, co-founder and chief technical officer for Carbon Black.
“With financial institutions and healthcare providers, there is often a personal relationship tied to the business (working for years with an advisor or doctor, for example) and an inherent level of trust,” the report concludes. “That trust may translate to a higher level of confidence that the organization always has the consumer’s best interests at heart.”
However, that level of trust comes carries responsibility. Some 68 percent of consumers said they would consider leaving their healthcare provider if their “sensitive information” was taken hostage by a ransomware event. That compares with 72 percent that would leave their financial institution and 70 percent that would not do business with a retailer who was affected.
Consumers responding to the survey overwhelming agreed that it was businesses’ responsibility to protect their information from ransomware events, followed in order by cybersecurity companies/software vendors; software providers, such as Microsoft and Apple; and government organizations.