News | Cybersecurity | August 20, 2019

New Report Examines Hospital Cybersecurity Challenges in Georgia

Report summarizes cybersecurity challenges faced by CIOs across the state, highlights recommended actions to protect patient data

August 20, 2019 — Healthcare data breaches are currently being reported at a rate of more than one a day, according to a new report from the nonprofit Institute for Healthcare IT (IHIT). And for those who think it can’t happen to them, the odds are not in their favor. Breaches reported between 2009 and 2018 have resulted in the theft or exposure of almost 190 million healthcare records, a number equal to 59 percent of the U.S. population, according to the HIPAA Journal.

A breach can be problematic for large hospitals with the resources and budget to survive a cyberattack, but it can absolutely devastate a smaller facility, and with it, the surrounding community. That thought started keeping Georgia Sen. Bruce Thompson awake at night a few years ago. He was the impetus behind a grassroots initiative that brought together hospital chief information officers (CIOs) statewide to research and discuss the magnitude of the problem along with measures to support cybersecurity. The efforts of Thompson and the hospital CIOs have been summarized in the new IHIT report, titled “The State of Cybersecurity Among Georgia Hospitals.”

“I learned that a fifth of the nation’s rural hospitals are near insolvency and at a high risk of closing, according to a recent Navigant analysis,” Thompson said. “If you want to watch a rural community die, kill its hospital. After Lower Oconee Community Hospital (Glenwood, Ga.) shut down in 2014, other mainstays of the community followed. The bank and the pharmacy shuttered, and the only grocery store in the county closed. On Main Street, building after building closed or fell into disrepair.”

Hospitals have become a popular target among hackers because the electronic healthcare record (EHR) is worth more than any other data on the black market. Medical records could be worth $1,000 each while social security numbers are just 10 cents and credit card numbers are worth 25 cents.

Beginning in October 2017 and continuing through 2019, Georgia hospital CIOs gathered to explore the issues and determine ways they could work together to make a difference. These meetings included hospital CIOs from across the state, with regional working groups pulling together small groups to discuss specific challenges and exchange ideas on ways to solve them.

Among the top issues were: 

  • Preventing phishing attacks; 
  • Maintaining legacy technology that was not built to withstand the sophistication and volume of today’s cybersecurity attackers; 
  • Managing the increasing number of third-party systems that require access to patient health information; 
  • Grappling with the shortage of IT security talent, especially in rural markets; and
  • Overestimating the protection afforded by cybersecurity insurance policies.

The IHIT report summarizes recommendations from the CIOs around two primary initiatives:  establish a healthcare-specific resource center offering Georgia hospitals and healthcare providers access to the most current cybersecurity tools and information; and establish regional online networks for IT Safe Zones where providers can confidentially share threat and incident response insights.

At the heart of the IHIT recommendations is the need to immediately mobilize both executive branch and legislative resources to prepare for the next cyberattack before it sinks a community hospital, and its community.

Calvin Rhodes, the CIO of the State of Georgia, has embraced the IHIT findings and is working with the hospital CIOs to identify ways to offer support. “We saw a real need to extend the cyber academy training developed for state employees to cities and counties in Georgia, and we want to encourage hospital participation as well. Georgia’s new state-of-the-art Cyber Center is serving companies ranging in size from start-ups to the Fortune 500.”

The state is also offering organizations access to a service that provides a seasoned information security officer who will work with an organization one or more days a week with a one-year commitment. “We’re looking to other states for best practices as well,” said Rhodes. “One item that a couple other states often speak to is the benefits of the formation of a volunteer cyber event response task force; in those states it required legislation that provides liability protection for not only the volunteers but also the companies that employ the volunteers.”

For more information: www.instituteforhealthcareit.org

Related Cybersecurity Content

PODCAST: 5 Low-Cost Ways To Slow Hackers

PODCAST: Hear and Now: How to Boost Cybersecurity in Medical Imaging

Agents of Change: Cybersecurity In A World Of Old And New

VIDEO: Cybersecurity in the Medical Imaging Department

 

Related Content

REiLI AI platform auto segmentation.
News | Artificial Intelligence | November 30, 2019
Fujifilm Showcases Artificial Intelligence Initiative And Advances at RSNA 2019
December 1, 2019 — Fujifilm Medical Systems U.S.A.
read more
PICOM365 Cloud’s anytime, anywhere architecture to include zero-footprint Structured Reporting for complex workflows such as echo, stress, cath SPECT, PET, holter, vascular, OB/GYN, maternal-fetal monitoring and breast ultrasound
News | Archive Cloud Storage | November 27, 2019
ScImage PICOM365 Enterprise Imaging Expands Ubiquitous Access
November 27, 2019 — ScImage, Inc.
read more
USEI monitor
News | Flat Panel Displays | November 25, 2019
USEI Announces Release of 24-inch Monitors
November 25, 2019 – U.S. Electronics, Inc.
read more
Blackford, the centralized medical imaging platform, today announced that it had signed a multi-year agreement with IBM to integrate the Blackford Registration into IBM’s AI-ready workflow platform, Merge PACS
News | PACS | November 25, 2019
IBM selects Blackford Registration for Merge PACS
November 25, 2019 — Blackford, the centralized medica
read more
Zebra Medical Vision announced that its AI1 “all-in-one” bundle of artificial intelligence (AI) products will be available on the Nuance AI Marketplace
News | Artificial Intelligence | November 25, 2019
Zebra Medical Vision Joins Forces with Nuance to Bring More AI to Diagnostic Imaging
November 25, 2019 — ...
read more
enterprise imaging workflow suite
News | Enterprise Imaging | November 21, 2019
Partners Healthcare Selects Laurel Bridge Software for Enterprise-Wide Medical Image Workflow Automation
November 21, 2019 — Laurel Bridge Software, a
read more
Concierge Workflow diverts non-productive, non-clinical tasks from the radiologist worklist, identifying those duties and allocating them to a separate worklist for ancillary clinical and clerical staff to execute
News | Advanced Visualization | November 21, 2019
Intelerad Eliminates Interruptions that Siphon Radiologists’ Reading Time
November 21, 2019 – A new solution from Intelerad Medical Syste...
read more
The RX1270 is Eizo’s highest resolution monitor at 12-megapixels (horizontal 4,200 x vertical 2,800 pixels)
News | Flat Panel Displays | November 21, 2019
EIZO Unveils Megapixel Color Monitor
November 21, 2019 — Eizo Inc.
read more
LifeImage Baystate
News | Artificial Intelligence | November 18, 2019
Baystate Health and Life Image Announce Strategic Partnership
November 18, 2019 — Baystate Health, the premier integrated health syst
read more
News | Artificial Intelligence | November 18, 2019
Visage to Spotlight the Visage 7 Enterprise Imaging Platform at RSNA
November 18, 2019 — Visage Imaging, Inc. (Visage), a wholly owned subsidi
read more
© Copyright Scranton Gillette Communications. All Rights Reserved.