Healthcare Best Practices in the Threat of + Recovery from Cyberattacks

Technological solutions to solve problems in healthcare and optimize care delivery should always include the recognition of the threat cyberattacks pose. It In the 7th Annual Becker's Health IT + Digital Health + RCM Annual Meeting, held virtually October 10 to 12, panelists discussed the concerns they had about the uses of technology in healthcare, especially when considering security risk to confidential patient information. 

 The “What Keeps CIOs Up at Night: Cybersecurity, Health Equity and More” panel began by discussing the issues that are of greatest concern to them. “Cybersecurity is number one, hands down,” said Andrea Daugherty, interim chief Information officer and director of Security and Infrastructure at the Dell School of Medicine and University of Texas Health Austin. “The cyber threats in healthcare are at an all-time high, [and] cyber insurance is at an all-time high.” Daugherty also mentioned that it is important to protect patient’s data, as operating models change and healthcare organizations continue to digitize.   

Edward Lee, MD, associate executive director at The Permanente Medical Group and executive vice president and chief information officer at The Permanente Federation, echoed Daugherty’s sentiments. “Cybersecurity is on the rise in the healthcare industry, and I think we have a special responsibility there. We have our patients to keep in mind,” he said.  According to Dr. Lee, healthcare organizations must remain vigilant as biomedical devices are more susceptible than ever to cyberattacks. “A life-threatening issue could be related to a biomedical device that is connected to the internet,” Dr. Lee said. “Like an IV [intravenous] pump that is hacked and set to administer the wrong dose of a medication or a mechanical ventilator that is hacked.”   

Considering the threat cyberattacks pose, Jeff Gautney the chief information officer at RUSH Health System, believes that healthcare organizations should place a similar level of investment in their ability to recover from a cyberattack, as they do in the prevention of one. “I think one of the challenges that we are all facing is that we have poured so much investment into prevention and guarding the borders, but not as much into incidence response and recognition,” he said. “No matter how good our guardians are, eventually we all end up facing some type of [cyber] event.”  

Dr. Lee shares a similar belief about the importance of healthcare organizations having the ability to recover well and quickly from cyber events. “Unfortunately, at some point, there is going to be a cyber event,” he said. “It is important to make sure that you can detect that malware is in your network as quickly as possible.” Dr. Lee believes that time is key when dealing with a cyberattack. “You must contain, diagnose, and eradicate the threat as quickly as possible,” he said.  

According to Dr. Lee, a major consequence of a cyberattack is the erosion of trust between patients and their healthcare providers. Patients who do not trust their healthcare organization are less likely to come in for an office visit, take their prescribed medication, or follow the advice of their physician. “It is difficult to get that trust back if something were to happen,” Dr. Lee explained. “Using a strategic vision to make sure that trust is maintained is very important.”  

To prevent this erosion of trust, each panelist offered solutions healthcare organizations can implement to strengthen their resilience against cyberattacks—with partnerships (vendor and stakeholder related) being the major theme of each suggestion. “It has been extremely hard recruiting and retaining talent in cybersecurity, so we have found some great partners to help support and protect us,” Daugherty shared. “Being able to find good partners is instrumental.”  

While Daugherty’s comments focused on external partnerships, Dr. Lee highlighted the importance of internal, stakeholder partnerships. “I think we have to look at it in a holistic way. Involve all the stakeholders that need to be involved,” he said. “It is a shared responsibility across the organization, [and] we are only as strong as the weakest link.” Fortifying the weakest link is a major concern of Gautneys,’ who believes that ensuring remote workers are protected against cyberattacks is important for maintaining a healthcare organization’s safety and integrity.   

Competing priorities can often make it difficult for healthcare organizations to streamline their resources toward one issue. “We can all agree that cyber is a priority, we can all agree that health equity is a priority. When everything is a priority, how do we make sure that all this work gets done?” Dr. Lee asked. Each panelist agreed that strategic planning is the answer. “Installing [a program] only gets you so far. You need to make sure that there is an ability to maintain and grow after [a program] has been put in,” Dr. Lee said. “It takes a long-term strategic plan to be able to achieve this.”