Critical Condition: Addressing Cyber-attacks on Healthcare Facilities

Posted on Categories Surveillance

Cyber-attacks are a mounting threat practically impossible to ignore for any individual, let alone a large organization. The past year alone has seen a major increase in cyber-attacks on government agencies, banks, and other major businesses.

Healthcare facilities use policies like HIPAA and HITEC to cover personal health information, often with obligatory breach notifications and potential financial penalties. Nevertheless, they are increasingly vulnerable to data breaches and other cyber-threats. Hackers are particularly interested in accessing health systems and acquiring patient information. Medical records often include social security numbers, dates of birth and other information that can be used for identity theft.

To combat breaches like this, healthcare facilities need intelligent surveillance solutions that keep data secure so patients, visitors, and employees can be rest assured knowing that their sensitive information won’t get into the wrong hands.

The cost of attacks

Though privacy regulation measured such as HIPAA and HITEC exist to protect patient data, recent examples of successful cyber-attacks on healthcare facilities include a 2016 ransomware attack on Hollywood Presbyterian Hospital in Los Angeles; they agreed to pay $17,000 in bitcoin to remove ransomware that infiltrated their surveillance system. In 2018, Hancock Health, a large hospital based in Greenfield, Indiana, paid a $55,000 ransom in a similar incident.

Those ransom payments are just the tip of the iceberg. Lower-profile attacks are often much more expensive. An analysis by Ponemon Institute last year estimated that cyber-attacks cost the average healthcare facility $6.5 million a year.

The targeted facilities are not the only victims of the attack. When a patient enters a doctor’s office, they should be able to expect that the information gathered in that room will not be shared without their authorization. Cyber-attacks undermine that most basic assumption about the doctor-patient relationship that is the foundation of our medical system.

Surveillance systems are targets

Surveillance equipment is a top target for cyber-attacks. For one, criminal organizations can infiltrate the system with the objective of stealing valuable data or shutting it down. Even if a hacker is not interested in the data on the surveillance system, it offers an entry point to the broader IT network, which includes plenty of valuable data as well as devices that can be co-opted to attack other systems.

As hospitals and other healthcare environments seek to protect their data, they need to make sure that their video management systems are also invulnerable to attacks. A critical first step is to work with a surveillance provider who prioritizes cybersecurity with a proactive approach.

Why Pelco?

We view every part of our business through a cybersecurity lens. Our mission is to build cybersecurity into our internal processes so that we are always a few steps ahead of hackers and other cybercriminals. That’s why our cybersecurity team works in tandem with our engineers at every stage of product development.

That’s why discerning customers around the world trust us to provide them with surveillance solutions that keep patients, healthcare professionals, and their data safe all year round.

Learn more about Pelco’s innovative offerings here.