Only a few years ago, cyber attacks on healthcare organizations were sporadic and generally on the small side. Now, attacks are all too frequent, huge and often sponsored by nation-states, particularly China, North Korea and Russia.

They are looking for financial, economic or political (espionage) advantage, says Kurt Long, CEO at FairWarning, a vendor of breach detection software. “The motivations are something even I never previously considered,” he adds. “Medical ID theft I imaged, but not state-sponsored cyber attacks.”

What’s happening in healthcare is that a new set of bad actors have assigned a new value to health information, Long explains. It could be ransomware—holding data hostage until large sums of money are paid—which is exactly what recently happened at Hollywood Presbyterian Medical Center in California. It could be blackmail by hacking the health records of a diplomat or government contractor and compromising them. Or, an attack could be cause-based, with “hackavists” targeting an organization that they believe is doing wrong.

During a session at HIMSS16 on March 2, Long will explain where the industry is in its fight against cyber attacks, and how it got here. The electronic health records meaningful use program succeeded in substantially automating patient information. Providers were buying or replacing EHRs that now are easy targets for data, even as the industry was consolidating and aggregating more information in larger data warehouses, he says. As a result, security wasn’t given the priority that it should have received.

HIMSS Session 123, “Escalated Threats to PHI Require a New Approach to Privacy and Security,” is scheduled March 2 at 11:30 in Galileo 1001.

In large part, there remains a belief in healthcare that every dollar that goes toward security is a dollar not being spent on patient care, “and that type of thinking has to come to an end,” Long contends. “There has to be a new belief that privacy and security are an absolute necessity, but that belief still is not broadly shared. Healthcare is still not aligned with patient interests around privacy and security.”

Chief information officers and chief security information officers must move away from the idea that what is needed in an impenetrable defense, Long warns. The reality is that organizations already have a breach and often don’t know it for several months. “The new belief has to be to prove we’re secure at least for today, and assume you have been breached until certain you have not.”

Long also will speak on the value of emerging real-time analytics to assess an organization’s security posture, using data from the EHR and other systems, and not running one report each day. Real-time analyses can show who is logged into the network, from where, how long they have been in the network, how many times they logged in, if they are accessing records from a location they never have accessed before, or if they are accessing far more records than normal. Such suspicious behaviors, being shown in real time, could be a hacker using an employee’s credentials.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access