What Healthcare Facilities Risk When Patient Data Gets Exposed

There has been an uptick of cyberattacks against hospitals and other healthcare facilities, putting patients at risk.

By Mackenna Moralez


Technology has taken the healthcare industry by storm. A report by JAMA Network found that more patients are willing to give their private information through an app rather than face to face. As more patients use technological offerings, it is up to healthcare facility managers to ensure the security of patient data. 

One challenge is that the global cybersecurity workforce is 65 percent smaller than it should be, according to a study by (ISC)2. In the next two years, organizations will need to prioritize cybersecurity. All cybersecurity programs need more organizational support. This includes tight security budgets and growing legacy footprints, according to a HIMSS report. Despite the call to beef up cyber practices within healthcare facilities, many organizations have yet to fully implement them.  

“Human beings by nature are conditioned to question anything new,” says Jimmy Hurff, senior vice president of data and analytics with GHX. “Knowing this, we should expect patients to be curious or even skeptical about any new technology we introduce in the care environment. Building trust involves clear and consistent communication with patients. The onus is on healthcare professionals and administrators to explain why a new technology and process is being introduced with specific attention given to outlining what patients can expect, including both the benefits and potential risk.” 

The longer hospitals and healthcare facilities fail to address these concerns, the more they put their patients at risk for their private information getting leaked.  

In February, Montrose Regional Health notified patients and families of cybersecurity attack that took place within its organization between August 2, 2021 and October 26, 2021. At the time of publication, the facility is investigating the attack and was unable to confirm if specific information within the email accounts were accessed. However, it was able to determine that hackers took the following patient information:  

  • names 
  • inpatient/outpatient status 
  • internal patient account number 
  • service date 
  • treatment cost 
  • procedure code 
  • provider name/ health insurance provider 

Montrose Regional Health reset account passwords upon discovering the attack and are reviewing its policies and procedures. Over 52,000 patients had their information compromised.  

Hospitals and other healthcare facilities are a key targets of cyberattacks because they have a high number of electronic devices, systems are outdated and healthcare staff are too busy to stay updated on proper cybersecurity training. The more vulnerable a system is, the more likely a patient will lose trust in its operations. 

“We also live in a data saturated world,” Huff says. “More technology means more data and many patients are worried about their privacy. Healthcare organizations can continuously build trust with patients by demonstrating their organization’s security posture, securing third party accreditation and ongoing compliance with the latest security requirements.” 

Mackenna Moralez is assistant editor with Healthcare Facilities Today. 



March 24, 2022


Topic Area: Information Technology , Security


Recent Posts

States Move Forward to Better Protect Senior Citizens

Senior citizens are among the most vulnerable population and require a certain level of care. States are trying to protect them.


Archer and REDA to Transform Newport Beach Building into Outpatient Center

Groundbreaking on the Newport Irvine Medical Center is scheduled for June 2025.


Sunflower Medical Group Facing Lawsuit Following January Data Breach

The lawsuit seeks a jury trial, damages, expanded credit monitoring services and security improvements at Sunflower Medical Group.


Nemours Children's Health Opens New Location in Lake Nona

The nearly 8,000-square-foot facility will increase access to primary and specialty care services.


Enhancing Safety at Hennepin Healthcare with a Screening System

Case study: The system was able to detect 2,500 risk items in less than five months.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.