{"id":12350,"date":"2017-07-26T16:44:00","date_gmt":"2017-07-26T16:44:00","guid":{"rendered":"http:\/\/associatednews.us\/content\/2017\/07\/26\/hospitals-face-growing-cybersecurity-threats\/"},"modified":"2017-07-26T16:44:00","modified_gmt":"2017-07-26T16:44:00","slug":"hospitals-face-growing-cybersecurity-threats","status":"publish","type":"post","link":"https:\/\/associatednews.us\/content\/hospitals-face-growing-cybersecurity-threats\/","title":{"rendered":"Hospitals Face Growing Cybersecurity Threats"},"content":{"rendered":"<p><span style=\"font-style:italic;font-size:16px\">By  <a class=\"colorbox\" href=\"http:\/\/www.npr.org\/sections\/health-shots\/2017\/07\/26\/539290596\/hospitals-face-growing-cybersecurity-threats?utm_medium=RSS&amp;utm_campaign=healthcare\">Lauren Silverman<\/a><\/span>  <\/p>\n<div class=\"ftpimagefix\" style=\"float:left\"><a class=\"colorbox\" rel=\"nofollow\" href=\"http:\/\/www.npr.org\/sections\/health-shots\/2017\/07\/26\/539290596\/hospitals-face-growing-cybersecurity-threats?utm_medium=RSS&amp;utm_campaign=healthcare\"><img decoding=\"async\" width=\"150\" src=\"https:\/\/media.npr.org\/assets\/img\/2017\/07\/26\/gettyimages-557136215_custom-35247159cc88b087fb4843ffadb9df93adeb8646-s1100-c15.jpg\" alt=\"\"><\/a><\/div>\n<div>\n<div>\n<div><a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/media.npr.org\/assets\/img\/2017\/07\/26\/gettyimages-557136215_custom-35247159cc88b087fb4843ffadb9df93adeb8646-s1200.jpg\">Enlarge this image<\/a><\/div>\n<\/div>\n<div>\n<div>\n<div>\n<p>\n                Patient information can be vulnerable when health care facilities are the focus of cyberattacks.<\/p>\n<p>                <b><\/p>\n<p>                    Eric Audras\/Onoky\/Getty Images<\/p>\n<p>                <\/b><b><b>hide caption<\/b><\/b><\/p>\n<\/div>\n<p><b><b>toggle caption<\/b><\/b><\/div>\n<p><span><\/p>\n<p>        Eric Audras\/Onoky\/Getty Images<\/p>\n<p>    <\/span><\/div>\n<\/div>\n<p>In the neonatal intensive care unit of Cook Children&#8217;s Hospital in Fort Worth, Texas, a father is rocking a baby attached to a heart monitor. While doctors roam the halls trying to prevent infections, Chief Information Officer Theresa Meadows is worried about another kind of virus.<\/p>\n<p>&#8220;The last thing anybody wants to happen in their organization is have all their heart monitors disabled or all of their IV pumps that provide medication to a patient disabled,&#8221; Meadows says.<\/p>\n<p>Meadows manages IT and cybersecurity for nearly 7,000 employees at more than 50 locations in Texas. After co-chairing an <a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/www.phe.gov\/Preparedness\/planning\/CyberTF\/Documents\/report2017.pdf\">evaluation<\/a> of hospital cybersecurity across the U.S., she says there&#8217;s a lot to improve.<\/p>\n<p>Dr. <a class=\"colorbox\" rel=\"nofollow\" href=\"http:\/\/www.hitsp.org\/halamka.aspx\">John Halamka<\/a>, chief information officer of Beth Israel Deaconess Medical Center in Boston, agrees. &#8220;Health care has traditionally underinvested in information technology,&#8221; Halamka says.<\/p>\n<p>Halamka, who has been a CIO since the 1990s, says just a decade ago, pretty much all health records were paper. Then, in a period of a few years, hospitals switched to electronic records. But the security of digital health data has not kept up with its growth. Other industries, like financial services and the federal government,<a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/www.symantec.com\/content\/dam\/symantec\/docs\/infographics\/symantec-healthcare-it-security-risk-management-study-en.pdf\"> have devoted more than 12 percent<\/a> of their IT budgets to cybersecurity. Health care averages <a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/www.symantec.com\/content\/dam\/symantec\/docs\/other-resources\/ha-it-security-2017-study-ebook.pdf\">just half that<\/a>.<\/p>\n<aside>\n<div><\/div>\n<\/aside>\n<aside>\n<div><\/div>\n<\/aside>\n<p>At the same time,<a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/healthitsecurity.com\/news\/healthcare-data-breach-costs-still-highest-among-industries\"> the cost of mitigation has soared<\/a>, with the average breach costing $355 per stolen record for health care organizations. And hackers have gotten creative. Back in 1997, Halamka says, the threats he faced were students trying to hack the network.<\/p>\n<p>&#8220;In 2017, what threats do I face? State-sponsored cyberterrorism, organized crime and hacktivism.&#8221;<\/p>\n<p>It&#8217;s no wonder demand for cybersecurity talent in health care has exploded. But it&#8217;s not that easy to recruit.<\/p>\n<p>Digital health care consultant <a class=\"colorbox\" rel=\"nofollow\" href=\"http:\/\/www.healthcareitnews.com\/news\/drex-deford-rock-n-roll-dj-joined-air-force-en-route-becoming-cio\">Drexel DeFord<\/a> jokes that he&#8217;s a &#8220;recovering CIO. CIOs are overly stressed with everything from security to regulation,&#8221; he says. &#8220;When I talk to them about maybe coming into health care, the answer I usually get is &#8216;No way, it&#8217;s too complicated. It&#8217;s way simpler to do banking or oil and gas.&#8217; &#8220;<\/p>\n<p>It&#8217;s also much more lucrative to work in other industries. According to <a class=\"colorbox\" rel=\"nofollow\" href=\"http:\/\/burning-glass.com\/\">Burning Glass Technologies<\/a>, the average advertised pay for health care cybersecurity positions is 25 percent lower than in finance.<\/p>\n<p>Plus you&#8217;re on the line every minute, not just for keeping someone&#8217;s social media profile working, but for helping keep them alive.<\/p>\n<p>Meadows says a good CIO is familiar with complex medical devices and comfortable with software and complicated regulations. Also, a CIO needs to keep the hospital staff educated on the latest threats, sometimes by running mock cyberattacks. Meadows conducts regular phishing exercises paired with educational campaigns.<\/p>\n<p>The average cost of a health care breach is estimated to be<a class=\"colorbox\" rel=\"nofollow\" href=\"http:\/\/lpa.idexpertscorp.com\/acton\/attachment\/6200\/f-04aa\/1\/-\/-\/-\/-\/Resources%20-%20Sixth%20Annual%20Benchmark%20Study%20on%20Privacy%20and%20Security%20of%20Healthcare%20Data%20.pdf?cm_mmc=Act-On%20Software-_-email-_-ID%20Experts%20Download%20-%20Sixth%20Annual%20Benchmark%20Study%20on%20Privacy%20%26%20Security%20of%20Healthcare%20Data-_-Download%20Now&amp;sid=TV2:9jSw7ddN2\"> more than $2.2 million<\/a>, not to mention the reputation damage. Meadows says the price of hiring a cybersecurity leader might seem high, but leaving the job open is an invitation for trouble.<\/p>\n<p><strong><a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/blockads.fivefilters.org\/\">Let&#8217;s block ads!<\/a><\/strong> <a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/blockads.fivefilters.org\/acceptable.html\">(Why?)<\/a><\/p>\n<p>Source:: <a href=\"http:\/\/www.npr.org\/sections\/health-shots\/2017\/07\/26\/539290596\/hospitals-face-growing-cybersecurity-threats?utm_medium=RSS&amp;utm_campaign=healthcare\" class=\"colorbox\" title=\"Hospitals Face Growing Cybersecurity Threats\" rel=\"nofollow\">http:\/\/www.npr.org\/sections\/health-shots\/2017\/07\/26\/539290596\/hospitals-face-growing-cybersecurity-threats?utm_medium=RSS&amp;utm_campaign=healthcare<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"ftpimagefix\" style=\"float:left\"><a class=\"colorbox\" rel=\"nofollow\" href=\"http:\/\/www.npr.org\/sections\/health-shots\/2017\/07\/26\/539290596\/hospitals-face-growing-cybersecurity-threats?utm_medium=RSS&amp;utm_campaign=healthcare\"><img decoding=\"async\" width=\"150\" src=\"https:\/\/media.npr.org\/assets\/img\/2017\/07\/26\/gettyimages-557136215_custom-35247159cc88b087fb4843ffadb9df93adeb8646-s1100-c15.jpg\" alt=\"\"><\/a><\/div>\n<div>\n<div>\n<div><a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/media.npr.org\/assets\/img\/2017\/07\/26\/gettyimages-557136215_custom-35247159cc88b087fb4843ffadb9df93adeb8646-s1200.jpg\">Enlarge this image<\/a><\/div>\n<\/div>\n<div>\n<div>\n<div>\n<p>\n                Patient information can be vulnerable when health care facilities are the focus of cyberattacks.<\/p>\n<p>                <b><\/p>\n<p>                    Eric Audras\/Onoky\/Getty Images<\/p>\n<p>                <\/b><b><b>hide caption<\/b><\/b><\/p>\n<\/div>\n<p><b><b>toggle caption<\/b><\/b><\/div>\n<p><span><\/p>\n<p>        Eric Audras\/Onoky\/Getty Images<\/p>\n<p>    <\/span><\/div>\n<\/div>\n<p>In the neonatal intensive care unit of Cook Children&#8217;s Hospital in Fort Worth, Texas, a father is rocking a baby attached to a heart monitor. While doctors roam the halls trying to prevent infections, Chief Information Officer Theresa Meadows is worried about another kind of virus.<\/p>\n<p>&#8220;The last thing anybody wants to happen in their organization is have all their heart monitors disabled or all of their IV pumps that provide medication to a patient disabled,&#8221; Meadows says.<\/p>\n<p>Meadows manages IT and cybersecurity for nearly 7,000 employees at more than 50 locations in Texas. After co-chairing an <a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/www.phe.gov\/Preparedness\/planning\/CyberTF\/Documents\/report2017.pdf\">evaluation<\/a> of hospital cybersecurity across the U.S., she says there&#8217;s a lot to improve.<\/p>\n<p>Dr. <a class=\"colorbox\" rel=\"nofollow\" href=\"http:\/\/www.hitsp.org\/halamka.aspx\">John Halamka<\/a>, chief information officer of Beth Israel Deaconess Medical Center in Boston, agrees. &#8220;Health care has traditionally underinvested in information technology,&#8221; Halamka says.<\/p>\n<p>Halamka, who has been a CIO since the 1990s, says just a decade ago, pretty much all health records were paper. Then, in a period of a few years, hospitals switched to electronic records. But the security of digital health data has not kept up with its growth. Other industries, like financial services and the federal government,<a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/www.symantec.com\/content\/dam\/symantec\/docs\/infographics\/symantec-healthcare-it-security-risk-management-study-en.pdf\"> have devoted more than 12 percent<\/a> of their IT budgets to cybersecurity. Health care averages <a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/www.symantec.com\/content\/dam\/symantec\/docs\/other-resources\/ha-it-security-2017-study-ebook.pdf\">just half that<\/a>.<\/p>\n<aside>\n<div><\/div>\n<\/aside>\n<aside>\n<div><\/div>\n<\/aside>\n<p>At the same time,<a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/healthitsecurity.com\/news\/healthcare-data-breach-costs-still-highest-among-industries\"> the cost of mitigation has soared<\/a>, with the average breach costing $355 per stolen record for health care organizations. And hackers have gotten creative. Back in 1997, Halamka says, the threats he faced were students trying to hack the network.<\/p>\n<p>&#8220;In 2017, what threats do I face? State-sponsored cyberterrorism, organized crime and hacktivism.&#8221;<\/p>\n<p>It&#8217;s no wonder demand for cybersecurity talent in health care has exploded. But it&#8217;s not that easy to recruit.<\/p>\n<p>Digital health care consultant <a class=\"colorbox\" rel=\"nofollow\" href=\"http:\/\/www.healthcareitnews.com\/news\/drex-deford-rock-n-roll-dj-joined-air-force-en-route-becoming-cio\">Drexel DeFord<\/a> jokes that he&#8217;s a &#8220;recovering CIO. CIOs are overly stressed with everything from security to regulation,&#8221; he says. &#8220;When I talk to them about maybe coming into health care, the answer I usually get is &#8216;No way, it&#8217;s too complicated. It&#8217;s way simpler to do banking or oil and gas.&#8217; &#8220;<\/p>\n<p>It&#8217;s also much more lucrative to work in other industries. According to <a class=\"colorbox\" rel=\"nofollow\" href=\"http:\/\/burning-glass.com\/\">Burning Glass Technologies<\/a>, the average advertised pay for health care cybersecurity positions is 25 percent lower than in finance.<\/p>\n<p>Plus you&#8217;re on the line every minute, not just for keeping someone&#8217;s social media profile working, but for helping keep them alive.<\/p>\n<p>Meadows says a good CIO is familiar with complex medical devices and comfortable with software and complicated regulations. Also, a CIO needs to keep the hospital staff educated on the latest threats, sometimes by running mock cyberattacks. Meadows conducts regular phishing exercises paired with educational campaigns.<\/p>\n<p>The average cost of a health care breach is estimated to be<a class=\"colorbox\" rel=\"nofollow\" href=\"http:\/\/lpa.idexpertscorp.com\/acton\/attachment\/6200\/f-04aa\/1\/-\/-\/-\/-\/Resources%20-%20Sixth%20Annual%20Benchmark%20Study%20on%20Privacy%20and%20Security%20of%20Healthcare%20Data%20.pdf?cm_mmc=Act-On%20Software-_-email-_-ID%20Experts%20Download%20-%20Sixth%20Annual%20Benchmark%20Study%20on%20Privacy%20%26%20Security%20of%20Healthcare%20Data-_-Download%20Now&amp;sid=TV2:9jSw7ddN2\"> more than $2.2 million<\/a>, not to mention the reputation damage. Meadows says the price of hiring a cybersecurity leader might seem high, but leaving the job open is an invitation for trouble.<\/p>\n<p><strong><a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/blockads.fivefilters.org\/\">Let&#8217;s block ads!<\/a><\/strong> <a class=\"colorbox\" rel=\"nofollow\" href=\"https:\/\/blockads.fivefilters.org\/acceptable.html\">(Why?)<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[47],"tags":[],"class_list":["post-12350","post","type-post","status-publish","format-standard","hentry","category-health"],"_links":{"self":[{"href":"https:\/\/associatednews.us\/content\/wp-json\/wp\/v2\/posts\/12350","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/associatednews.us\/content\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/associatednews.us\/content\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/associatednews.us\/content\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/associatednews.us\/content\/wp-json\/wp\/v2\/comments?post=12350"}],"version-history":[{"count":0,"href":"https:\/\/associatednews.us\/content\/wp-json\/wp\/v2\/posts\/12350\/revisions"}],"wp:attachment":[{"href":"https:\/\/associatednews.us\/content\/wp-json\/wp\/v2\/media?parent=12350"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/associatednews.us\/content\/wp-json\/wp\/v2\/categories?post=12350"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/associatednews.us\/content\/wp-json\/wp\/v2\/tags?post=12350"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}