By Kirsten Bay / Special to Healthcare Facilities Today

It takes a few seconds for a hacker to exploit a known vulnerability, install malware, steal passwords or gain access to an entire healthcare database – chock full of patient data. The bring your own device (BYOD) trend, while helpful for doctors, nurses and hospitals, has opened the malicious floodgates to a host of cyber-attack possibilities.  

A recent Huffpost Tech article reported 28 out of 60 NHS trusts have been hit by ransomware in the past year – with ransom values ranging between £77 and £2,299. Whilst that monetary value may seem low, the fact that one of these attacks can render an entire organization’s network nonoperational is loss enough.

Healthcare facility professionals should be asking – have I done enough to protect my staff and network?

The perception is that security solutions slow down the user – and as we have all seen waiting for a doctor’s appointment, healthcare professionals do not have the time nor the patience to jump through hoops to secure their online activity. If they need a patient file, they need it stat.

Most physicians or healthcare security professionals avoid encryption for the all too common, yet misguided perception of security slowing their care of patients – they HATE inputting multiple passwords, getting timed-out, putting in the password again . . . rinse and repeat. While certainly not exclusive to healthcare in terms of user avoidance, the stakes are much higher within this industry.

James Scott, co-founder of the Institute for Critical Infrastructure Technology (ICIT) in Washington D.C.  says, “Electronic health records are 100 times more valuable than stolen credit cards” – one Medicare or Medicaid electronic health record is said to carry a $500 price tag on the Darkweb. Experian estimates that health records are worth up to 10 times more than credit card numbers on the black market not to mention the loss of very private data.

This issue also speaks to the need for solutions like MAX Risk Intelligence, which tells you to the dollar how much a data breach could cost, allowing the value of the data to be continually quantified. You are a lot more careful with something you know has real value. Linking the value of data to its security makes the user a participant in the overall equation.

So when will healthcare security professionals realize how essential it is to have an always-on, tamper resistant solution that will protect their invaluable patient data whilst saving them from downtime. This type of solution is seamless for their physicians, and takes away the the option to subscribe or not.

For their sake, we hope the answer is now, before it’s too late.

Kirsten Bay is president and CEO of Cyber adAPT.