By Kayla Matthews, freelance journalist, Productivity Bytes.
As COVID-19 cases push hospitals around the country to their limits, medical facilities are facing challenges beyond sick patients. Long hours and an uptick in cyberattacks are putting serious strain on existing cybersecurity defenses. Without the right practices, these defenses may fail, exposing patient and hospital data to hackers and cybercriminals.
Here is why security remains key as the coronavirus outbreak grows more severe — and how hospitals can rise to meet current cybersecurity challenges.
Why Healthcare Data Security Remains Important
While cybersecurity may seem overshadowed by other healthcare concerns, the current crisis makes hospital data security more essential than ever.
Many hospitals and health systems are currently expanding or introducing COVID health data collection programs to get the information needed to combat the novel coronavirus. Many of these same systems are also ramping up data-sharing between institutions to ensure that medical providers around the country have the best possible information to work with.
New operating conditions — like hospitals that set up tents in parking lots to expand their number of available beds — have also changed how hospital systems, like electronic health records, are used and secured.
At the same time, hackers are stepping up their operations and trying to take advantage of the chaos. Security researchers have already noticed a serious rise in attacks like phishing emails, as well as new malicious health tracking and COVID-19–related apps.
Current stress on staff may make hospitals more vulnerable to hacks. Cybersecurity professionals were, on average, overworked before the crisis began — an issue that has likely gotten worse as the crisis has progressed. Doctors, nurses and hospital administrators are working overtime, and organizations are bringing on new workers to manage the increased need for professionals. Existing staff may struggle to keep up with good security practices, and new team members may not receive the full training they need to keep data safe.
New information collecting schemes are critical for medical providers — but if the data they collect isn’t secured, it may also put a lot of patients at risk. This patient information may not seem like the most valuable target for hackers — but health data is actually widely sought after by cybercriminals. These hackers use health information, along with other personal information, to construct comprehensive identity packages about individual patients.
What Hospitals Can Do to Handle Security
There are steps hospitals can take to ensure that patient and hospital data stays as safe as possible — even while the staff is under immense pressure.
During the crisis, operational security will become more critical. Doctors, nurses and hospital staff should be highly aware of what they are sharing on social media. Personal information should be kept private, and employees must take note of any information in the background of the photos they take. A cybercriminal scouring the posts of doctors and hospital workers may find what they need to break into a network — like a password taped to a monitor.
All hospital departments will need to stay on top of security — not just those that manage patient data directly or seem the most vulnerable to attack. Hospital legal departments, for example, should find ways to boost their security. Staff in these departments should identify information that needs to be safeguarded and consider tools that can help them securely manage and organize important documents.
Cybersecurity professionals should also continue to stay on top of the latest developments in the field. Certain tech, like video conferencing software Zoom, has come under scrutiny as increased use has revealed security vulnerabilities. Security workers and IT staff should stay aware of potential vulnerabilities so that they can take the necessary steps to mitigate the risks of vulnerable software and keep hospital networks as secure as possible.
Communication among cybersecurity workers will be key. Security researcher and writer Greg Conti recommends that cybersecurity staff work with their peers and cybersecurity organizations share information about new attacks, collaborate on security analysis and help the field stay on top of current challenges.
Defending Hospital Data During an Outbreak
The coronavirus outbreak has put significant pressure on hospital staff and administrators. At the same time, hospitals are ramping up data collection to provide medical professionals who are fighting COVID-19 with the best information possible. This combination means that data that may be at much higher risk than usual.
Hospital staff will need to keep vigilant through the crisis. Cybersecurity professionals should stay on top of the latest developments in the field and prioritize contact with their peers. Information from other workers may be critical in keeping hospital networks secure.