In San Bernadino, California, hackers sought ransom from two county hospitals (read the full story here) while in Kentucky, hackers threw a hospital into an “internal state of emergency,” requesting ransom (read the full story here).
All of this just weeks after Hollywood Presbyterian Medical Center paid hackers US$17,000 in ransom to regain access to their systems. Why did they pay the ransom? It was the “quickest and most efficient way” to take care of the situation.
And yet, it’s possible these situations could have easily been prevented. In the case of the Kentucky situation, an employee had opened a malicious email that had snuck past system spam filters.
So while the FBI tackles the challenge of apprehending the perpetrators of these crimes, we’re left to wonder: what else can be done about this?
An article in Healthcare Finance News comes equipped with a handy little sub-heading that we believe says it all:
Employee education, basic safeguarding and information sharing can ward off the majority of attacks, security experts say.
Those first two words really stuck out: Employee education. The article continues:
Quite simply, experts agree the very employees that keep a hospital running can also be its greatest vulnerability when it comes to cybersecurity. Poor practices and bad habits on the part of those who directly access a health system's information everyday are often just the open door hackers need.
Now, we know these employees aren’t stupid. They’re well trained, gainfully employed, and entrusted with what might very well be the world’s most precious resource: People’s health. So the only thing left to do (to make a huge dent in this problem) is train them.
We can do that.
The only problem we can see is whether healthcare institutions are ready to have a little fun in doing so. Well, healthcare institutions? Are you? We believe you are. After all, in order to get by in the healthcare industry, you have to have a wicked sense of humour, no?
The situation, while critical, is not dire. Yet. We haven’t exhausted all of the possible solutions, but before we get anywhere near that point, don’t we owe to ourselves (and the millions of people who rely on our hospitals and clinics) to teach ourselves and our teams the best methods for preventing issues like these? Even if it means (gasp!) having a little fun?
As we speak, our crack team is developing a program to address the security issues healthcare professionals face every day. They’re sharpening their pencils and their wit and calibrating the scales so we can maintain the balance between professional, thoughtful, engaging and informative with side-splitting hilarity. In the meantime, check out our ground-breaking (and side-splitting) program, Restricted Intelligence and, our most recent program, Tuesdays With Bernie.
Here’s to your health!