"How Healthcare Cyberattacks Can Impact Patient Safety, Care Delivery"

Healthcare cyberattacks have been known to endanger patient safety and negatively impact care delivery, in addition to causing documented financial losses and reputational harm. Proofpoint commissioned Ponemon Institute to survey IT and security professionals in the healthcare sector to get further insight into how various types of healthcare cyberattacks can impact patient safety. The survey included self-reported responses from 641 field experts. The researchers behind this study focused on four common healthcare cyberattacks, which are ransomware attacks, Business Email Compromise (BEC) attacks, cloud compromises, and supply chain attacks. Almost 90 percent of all survey respondents said their organizations had experienced at least one cyberattack in the previous year. Although correlation and causation are difficult to establish with absolute certainty, the survey findings revealed that respondents with daily experience in the field have experienced the tangible impacts of a cyberattack on patient care at alarming rates. When asked how a ransomware attack affected patient safety and care delivery within their organizations, 64 percent reported delays in procedures and tests. Furthermore, 24 percent of the respondents reported increased mortality rates, and 59 percent said cyberattacks resulted in more extended stays. Half of those polled reported increased patient transfers to other facilities. Ransomware attacks appeared to have the greatest impact on patient safety across the board. Over 70 percent of those surveyed believed their organizations are vulnerable to ransomware. Although there are serious concerns about various attack vectors and vulnerabilities, healthcare cybersecurity experts continue to struggle to obtain the resources required to truly prioritize cybersecurity. More than half of the respondents cited a lack of in-house expertise as a significant barrier to maintaining an effective cybersecurity posture, and half cited a lack of collaboration with other functions. Nearly half said their organizations lacked sufficient staffing, and 41 percent cited budget constraints as a bottleneck. Of the respondents, 40 percent stated that cybersecurity was not a priority within their organizations. This article continues to discuss key findings from the study on cybersecurity in healthcare, as well as the cost and impact of cyberattacks on patient safety and care. 

HealthITSecurity reports "How Healthcare Cyberattacks Can Impact Patient Safety, Care Delivery"