Within the past few months, hospitals across the world have suffered from cyber attacks, resulting in massive data breaches and workflow stagnancy. The enhanced interoperability of electronic health records (EHRs) and medical devices is increasing the efficiency of healthcare delivery and providing greater access to patients. Yet, as healthcare practices welcome the Internet of Things, or the inter-networking of physical devices, and integrate EHRs, system vulnerabilities will only become more prominent. The healthcare industry must prioritize security in delivering quality care beyond complying with HIPAA. Current measures, however, lack standardization and seem to hinder, rather than promote, health care delivery.
With cybersecurity added to the medical lexicon, doctors and other professionals in the field must discover new measures to adapt to the accompanying risks and challenges. As a multi-billion dollar industry, filled with intimate personal information, the healthcare industry is an attractive target for hackers seeking to undermine trust, access financial information, or acquire ransoms. A common attack — ransomware — is often used for its attractive high return on low input costs. Usually found in easily shareable and downloadable file attachments, ransomware encrypts databases to the point where they are indecipherable and unusable to users. As healthcare delivery is critical and urgent, most hospitals, with patients in the waiting room, do not have the luxury of time for data to be restored or recovered.