DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Mobile Imaging
SEARCH
Current Location:
>
> This Story


Log in or Register to rate this News Story
Forward Printable StoryPrint Comment

 

 

Health IT Homepage

Survey finds 4 in 5 US physicians have been hit with a cyberattack HIPAA compliance alone is not cutting it

Siemens launches new teamplay Cardio dashboard app for cardiology departments Provides insight into performance and resources

IBM Watson Health tackles EMR challenges at RSNA Showcased new product and upgrade in current technology

IBM Watson Health unveils breast advisors solution at RSNA Uses imaging analytics

Philips acquires VitalHealth for an undisclosed amount Adds to its population health management portfolio

Experts discuss cybersecurity threats and tips at RSNA Ransomware revenue has increased from $24 million to $1 billion in one year

Philips acquires Forcare Aims to increase interoperability among hospitals and health systems

At RSNA, HIMSS expert shares tips to prevent cyber attacks Annual cybersecurity awareness training is not enough

Philips unveils IQon Elite Spectral CT system and IntelliSpace Portal 10 platform at RSNA Capturing data, then bringing it to life (or printing it)

With AI avalanche, computing company NVIDIA makes first appearance at RSNA How gaming and self-driving cars paved a road to health care

Is a cyber equivalent of 'D-Day' inevitable in the medical industry?

by John W. Mitchell , Senior Correspondent
Hospitals still have too much exposure to cyberattacks, according to an industry expert speaking on a webinar hosted by the American Hospital Association (AHA) on Tuesday.

Bob Chaput, CEO at Clearwater Compliance in Nashville, Tennessee, addressed a range of threats in the hospital cyber protection sector that can be boiled down to a basic challenge.

Story Continues Below Advertisement

Streamline Your Radiology Workflow with RamSoft's PowerServer RIS/PACS

The PowerServer RIS/PACS is a single database application, essential to reducing redundant work, limiting manual data entry, and increasing consistency throughout healthcare practices. Click to learn how it will help you improve patient care and more.



“Organizations must take a more strategic, business-oriented and architectural approach to cyber risk management, and move away from the tactical, technical, spot-welding approach,” Chaput told HCB News.

Chief among his concerns is that a failure to do so is now a — potentially life and death — patient safety issue. Chaput cited the opportunity for a cyber-terrorist to hack into a medical file to change blood types, which would be deadly in a transfusion situation. Or using entry into a hospital HVAC system to shut down cooling to compromise imaging suites or blood storage chillers.

In his presentation, titled “Your Hospital Team’s Guide to Cyber Risk Management," Chaput cited this real possibility of patient assault to a statement by Dr. Christian Dameff, an emergency room physician and expert on cyber vulnerabilities.

“We’re going to have our digital D-Day, our Cyber D-Day, if you will, in medical, and there are going to be patients that die. It’s going to be a big deal,” said Dameff in Health & Fitness.

According to Chaput, there is still a major disconnect among hospital leadership about the cyber threat. He cited two recent surveys to back up his concern. In a recent AHA/SIIM survey, the majority of IT managers said:

- They do not regularly report on Cybersecurity to the C-Suite or the Board.
- There is a lack of resources, such as limited budget and staffing.
- Management is focused more on compliance rather than on security or real-time threat monitoring.
- Cybersecurity is viewed as an IT problem and not a whole hospital threat.
- Their hospital is not ready for a major, targeted cyber-attack.

In a second survey conducted by the Ponemon Institute, Chaput noted that 67 percent of medical device manufacturers believe one of their devices will be hacked in the next 12 months. Yet, he said, the survey also found that two-thirds of health care organizations are unaware of adverse effects to patients due to an unsecured medical device. Further, only 17 percent of medical device makers are taking significant steps to prevent such attacks.

"The health and public health sectors are heading into a risky, perfect digital storm when one considers not only traditional IT systems but additionally, biomedical devices that are part of the Internet of Things and all the building and facilities infrastructure systems and devices that support a hospital's digital ecosystem,” Chaput warned.

For a large hospital or hospital system, he said, there could be as many as 10,000 applications (ranging from billing to meal ordering) using protected patient information to conduct the business of the hospital. All of these are subject to cyber-attack.

Chaput spent much of the webinar outlining a process to implement a solid cybersecurity plan. He advocated using operational principles developed by the National Institute of Standards and Technology (NIST).

But his best advice?

“Health care information is more voluminous, more valuable, more visible and simultaneously more vulnerable than ever before,” said Chaput. He reminded the audience that cybersecurity is not a destination, but a constant journey. "It’s time for the board and C-suite to lead.”

Health IT Homepage


You Must Be Logged In To Post A Comment

Advertise
Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Directory
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Requests
Gold Service Dealer Program
Receive RFP/PS
Requests
Healthcare Providers
See all
HCP Tools
Jobs/Training
Find/Fill
A Job
Parts Hunter +EasyPay
Get Parts
Quotes
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Quotes
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to DOTmed.com, Inc. Copyright ©2001-2017 DOTmed.com, Inc.
ALL RIGHTS RESERVED