With healthcare being a huge target of cybercrime, the immediate concern is likely with regard to how it will coincide with any HIPAA regulation – or revealing any failure to comply. First thoughts usually go to the business side of a situation.
How much will this cost?
Will we be fined?
Will we have to notify patients that their data has been exposed?
How do we stop the hackers from controlling our network?
While healthcare is an industry that generates billions of dollars for many when discussing the business side of patient care, we might tend to forget that a patient isn’t an entity, but a human being. Our family, our friends, our neighbors. Ourselves. Patient data is greatly affected by the humans within our offices, but those actions affect the humans that come through our doors in ways that we might not think of right away.
A stolen name or social security number can come at great cost to both business and the individual, and in worse case scenarios, we have the potential embarrassment of private medical details and diagnoses being made available to the public or on the dark web. But the risk of endangering human LIVES is something we need to be sure that we acknowledge with cybersecurity policies and practices.
In September of 2020, there was a ransomware attack at Duesseldorf University Hospital. Because of this, the emergency room could not accept patients, and that meant that a woman who showed up for care had to seek treatment an additional 20 miles away at the nearest hospital. That patient did not survive.
The false promise of COVID-19 relief or vaccinations via a phishing email is dangerous to the public, but also creates additional roadblocks for legitimate healthcare to be practiced efficiently. The disruption of research or loss of data that can come from a breach or ransomware puts the rate of a cure or treatment at risk, essentially endangering the lives of anyone that might be affected.
Let us remember that the human factor in healthcare is the most critical part of maintaining strong cybersecurity and it is also the reason that we must work diligently to strengthen our efforts and protect our patients – the other humans in the equation.