The recent cyber attack on Change Healthcare highlighted the vulnerability of the healthcare industry when threatened by criminal attempts to disrupt its technology and operations. Ransomware attacks caused a chain reaction among healthcare providers, disrupting payment systems, halting cash flow, and worst of all, putting patient safety at risk.
This incident served as a reminder to many healthcare providers that cyberattacks on targets outside their own organizations can still have a significant impact on their daily operations. It is a wake-up call for providers to start considering processes to help protect against these types of incidents in the future.
Scope of the problem
Healthcare IT systems are an unfortunate magnet for cybercriminals. Medical records are a valuable commodity to sell because they hold vast amounts of personal information, including social security numbers, passwords, and other data. Additionally, the sensitive nature of medical data makes it easier to extort organizations once criminals have access to it. This is why ransomware attacks are so common in the healthcare sector.
During the COVID-19 pandemic, healthcare providers accelerated their use of digital tools to deliver care and continue operations. As a result, healthcare organizations are more vulnerable than they were before 2020 due to their expanded digital footprint. Healthcare organizations now report that cybersecurity is the number one digital investment expected to increase in 2024. Despite these investment priorities, there is a race between cyber resilience and the damage cyber attackers can do.
The aftermath of a recent cyberattack caused immediate havoc across healthcare enterprises. Industry experts estimate that disrupted revenue cycle processes are costing healthcare professionals more than $100 million per day. Healthcare providers are forced to rush through manual processes that are inefficient and costly. To manage the switch from automated systems to manual processes, many staff had to be diverted from their core patient care duties.
The long-term impact is not yet clear, but is likely to involve increased financial pressure due to payment delays, business interruption, and costs associated with dealing with the impact of a cybersecurity breach. The American Hospital Association (AHA) warned that the financial burden of the attack would leave many health care providers unable to make payroll.
February's cyber attack reminded providers that actions completely out of their control can negatively impact operations. However, there are ways organizations can mitigate some of the impact of current and future attacks.
Mitigating the fallout of cyberattacks
Cyberattacks against healthcare organizations large and small are frequently reported, making it difficult for healthcare providers to predict who will be the next target. This is why it's important to diversify your vendors as much as possible with a well-tested and implemented business continuity plan. In some cases, it may be easier to rely on one platform for a whole range of processes, but as we saw last month, that can leave the organization overly dependent on one entity.
Many providers have attempted to switch systems to revive processes that were brought down by recent attacks. However, changing vendors is notoriously difficult and can often take up to 90 days if cash flow is severely affected. Switching preemptively in an organized way is easier than changing vendors in the middle of a crisis.
Given the impact of this cyberattack and the potential for future incidents, providers should also consider how manual substitutions and workarounds can be made more efficient. Minimize disruption by streamlining processes, assigning trained personnel, and planning scenarios.
Precautions to strengthen resilience
The disruption caused by the latest cyber attacks should convince providers that now is the best time to address security. This includes evaluating cybersecurity techniques, risk management, and certification procedures. This attack proved that the healthcare industry is only as strong as a single exploitable link, and all organizations must take steps to strengthen their defenses in the long term.
To achieve this, healthcare organizations must adopt a zero trust security model. It is based on a “never trust, always verify” approach, which limits attack vectors by implementing robust validation at every possible point. These additional security checkpoints make it much more difficult for cybercriminals to break into your system, even if they already have your login credentials.
Healthcare providers also need to ensure they implement 24/7 threat detection. This strategy provides continuous monitoring through managed detection and response (MDR) services. Maintaining such an approach can be difficult for any organization, so using a third-party turnkey solution can help ensure that your security team is ready to respond to any breach attempt, no matter when it occurs.
Cybersecurity requires a continuous effort to monitor risks and vulnerabilities. The threat environment is constantly changing, so organizations need to perform regular vulnerability scans and penetration tests to stay ahead of the curve.
Next step
Unfortunately, cyber attackers will consider their actions a success. Wired reported that the hacker group behind the ransomware attack on Change Healthcare received a large ransom in Bitcoin, indicating that the healthcare industry is a lucrative target and could attract other bad actors. The FBI reported 249 ransomware attacks against public health and healthcare organizations in 2023, but the actual number is likely much higher. Considering the impact of recent attacks, that number is likely to increase in 2024.
The latest attack on the industry is not the last, and unfortunately not the most destructive. However, by remaining vigilant and preparing for the most catastrophic scenarios, healthcare providers can avoid some of the devastating risks when planning for a growing digital footprint.
This latest attack not only affected IT systems, administrative processes, and revenue. It threatened the quality of care for patients. Only the most robust contingency plan can prevent it from happening again.
Jason Griffin, Managing Director, Digital Health Strategy and Cybersecurity, Nordic Consulting
Jason is a healthcare IT executive with 25 years of progressive leadership positions and a comprehensive understanding of the industry's evolving digital landscape. Throughout his career, Jason has proven to be a seasoned leader with a talent for building great teams around cybersecurity, EHR planning and implementation, and IT strategic planning. He has a track record of delivering results in difficult and high-stakes environments.
Andy Adams, Managing Director, Performance Improvement and Advisory Services, Nordic Consulting
Andy has over 20 years of professional services experience supporting healthcare clients with strategic decisions that positively impact financial and operational performance. He has advised many leading national healthcare providers on transforming their revenue cycles, transforming patient access, and improving the digital patient experience. His passion is helping clients increase net revenue, reduce operating costs, centralize and standardize operations, implement new IT solutions, and improve performance across a variety of key metrics.