Security Risks and Your Healthcare Organization: From Ransomware to Insider Threats
Healthcare IT News quotes a recent Verizon report that spells out big cyber security threats for healthcare providers...
Healthcare IT News quotes a recent Verizon report that spells out big cyber security threats for healthcare providers in the coming years. It turns out that the biggest threats are from inside hospitals themselves — an even bigger risk than external threats like ransomware.
This article, part one in a two-part series, will look at cyber security in healthcare. What are the top security risks in 2018 and how should hospitals prepare? What kind of security precautions should hospitals and medical practices look for in their third-party vendors, including outsourced collections agencies like TSI?
Hospitals and Cyber Security, 2018
Ransomware remains the most malicious software in the digital realm in 2018. According to the Verizon 2018 Data Breach Investigations Report. 39% of all malware is ransomware and this malicious software crosses healthcare to all other sectors of the business community.
Allen Orzech, VP of Enterprise Infrastructure and Information Security at TSI, outlined the current threats from ransomware and other cyber terrorist activities:
The current security threat landscape is rapidly changing in terms of targets and methods, and also the way hackers exploit vulnerabilities to launch attacks. Targets have expanded from traditional attacks within the financial space to attacks on utilities, government, social media, and smaller businesses. Today, there are no exceptions anymore, everyone is at risk!
Ransomware works when an employee at a hospital or medical practice inadvertently clicks on an email attachment and downloads a virus that can infiltrate a hospital network. The virus encrypts files on a hospital’s server and posts a warning message requiring a ransom to be paid to unlock the files. Think this can’t happen to your system? Look at the past year in healthcare:
- January 2018 – Hancock Health paid $55,000 to unlock files infected with ransomware.
- April 2018 – The Center for Orthopaedic Specialists was hit by a ransomware virus that breached 85,000 records.
- April 2018 – UnityPoint Health was hit by an email scam that affected 16,000 patients.
But it should be noted that the spread of this malware comes from the employees themselves. That makes the organization’s own employees a huge threat to their cyber security. Becker’s calls healthcare employees “the weakest link in IT security.”
Hospitals often outsource to third-party vendors so it’s critical that these vendors are extremely diligent in their cyber security practices.
Data Security and Debt Collections
As a debt collection agency at the forefront of healthcare, TSI takes data security extremely seriously. Our state-of-the-art Information Security Management System monitors the threat landscape and helps to safeguard your hospital from ending up on the nightly news as the latest cyber security attack victim.
It is in this area that hospitals can truly benefit from a large, industry-leading collection agency like TSI. Small collection agencies simply do not have the capital to invest in cyber security needed to protect against the ever-changing threat landscape.
All of these security measures have made TSI the number one outsourced debt collection partner for health systems, hospitals, and ambulatory providers. Contact us to find out how we can help your organization.
Want to learn more about TSI? Fill out the form and a TSI representative will contact you shortly.