Viewpoint: Why hospital cybersecurity strategies fail

Cybersecurity must be strengthened among hospitals and health systems now more than ever as health services increasingly move to remote and online formats, according to Josephine Wolff, PhD.

In an Oct. 17 op-ed for The New York Times, Dr. Wolff, an assistant cybersecurity policy professor at Medford, Mass.-based Tufts University, highlighted issues with hospital cybersecurity: "Hospital networks are notoriously insecure due to a combination of inadequate resources, a lack of clear and effective cybersecurity guidelines and the large number of people and systems involved in operating a hospital, all of whom need some degree of access to its network," she wrote.

In addition to network inadequacies, Dr. Wolff also wrote that because hospitals rely on specialized equipment, such as ventilators and MRI machines, they must ensure that the specialized equipment is compatible with more secure software. However the update process can often be slow and expensive, which is why some continue using old software that is more vulnerable to attacks.

Hospitals and clinics are now dealing with remote care and intensive care unit capacities at high levels due to the COVID-19 pandemic, so they must re-evaluate their computer networks and increase protections to prevent their services from being interrupted by malware or their patient data being stolen, according to Dr. Wolff.

"Lawmakers, too, should be thinking about how to support the healthcare sector in these endeavors by providing funds to public hospitals for this purpose and developing clear security standards and requirements, so that hospitals have strong incentives to make much-needed improvements and are able to do so," she wrote.

More articles on cybersecurity:
Michigan health system goes offline after malware attack: 4 details
Russian hackers charged in 2017 malware attack against Pennsylvania health system: 4 details
Michigan Medicine error exposes patients' email address, health info: 3 details

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.