Across the healthcare industry, medical diagnoses, patient care, and back-office administration are being digitized—driven by both the need for greater efficiency in a highly inefficient patchwork of systems as well as government mandates. With a range of other digital initiatives occurring on many levels, from intelligent devices and monitors to telemedicine, new vistas are opening for healthcare, providing physicians and caregivers real-time access to patient data and appropriate therapies, as well as connecting patients directly to clinicians and organizations. Ultimately, digital transformation will lead to improved patient outcomes—a top priority for every healthcare organization.
The rise of digital healthcare makes cybersecurity even more critical, particularly with the strict regulations intended to protect patient privacy. Healthcare systems
and capabilities are expanding rapidly, which means larger attack surfaces that need protection. Central IT systems need to be secure, along with an expanding
network of medical devices and end-user services. Hardware also needs to be secured along with highly sensitive patient data.
Vulnerabilities to cybersecurity attacks have been on the rise at healthcare organizations, according to Richard Temple, vice president, and chief information security officer for the Deborah Heart and Lung Center, which is based in Browns Mills, New Jersey. The threat of attacks has increased since “the value of a stolen medical record is so much greater than the value of, say, a credit card number or a Social Security number. A stolen medical record contains so many unique data points that comprise an individual’s identity, and, at its worst, could allow an imposter to impersonate someone in order to get medical care at no cost and distort the rightful owner’s medical history by having the imposter’s history commingled.”
Chris Gutmann, system director of information technology for clinical engineering at Yale-New Haven Health, agrees that the greatest cybersecurity threat in healthcare is access to patient and employee information. “For verification of billing, a patient’s record contains highly sensitive information, making health systems high-value targets for cyberthieves. The unique challenges to healthcare are the nature and volume of implantable devices in patients, and the never-ending need for real-time data to maintain patients’ healing journeys.”
To better understand how organizations are approaching cybersecurity, Forbes Insights surveyed 1,001 security practitioners and security executives, in partnership with VMware. Data from this survey, which covers a range of industries, is presented in our report “Cybersecurity Trailblazers Make Security Intrinsic To Their Business,” which also outlines how organizations can improve their enterprises’ security posture.
This brief details the findings among the 150 healthcare respondents. Where appropriate, healthcare results are contrasted with the overall sample.