Cyberattack Drill Exposes Healthcare Industry's Vulnerabilities
"Unlike financial services, where you're just dealing with primarily banking and loan information, we're dealing with small providers, small doctors' offices and clinics, and diagnostic centers. And we're dealing with medical devices and manufacturers," Mellinger says. "We're dealing with hospital systems. We're dealing with the payer industry. So how do you coordinate intelligence information and expertise across those varying types of entities?"
Not surprisingly, the exercise also pointed out that the ability of similar organizations to respond to a cyberthreat varies based on the maturity and experience of each organization's IT systems and leadership teams.
Early Warning System Needed
Jim Koenig, principal global leader, commercial privacy, cybersecurity and incident response for Booz Allen Hamilton, says "all of the new players present increase opportunities for risk, and systems that haven't become necessarily stable, and all of that happening at once creates a new set of risk profiles." Koenig acted as observer for the CyberRX exercises on behalf of the exercise's organizers, HHS and the Health Information Trust Alliance (HITRUST).
Rapid changes in healthcare technology are all the more reason for an early warning system, because a number of organizations may be subject to the same potential threat and the same potential players, or, a vendor, who may be vulnerable within the chain, Koenig says.
- 'Kafkaesque' Value System Unfairly Penalizes Doctor Pay
- Proton Beam Therapy Poised for Growth in US
- mHealth Tackles Readmissions
- CNO Leads $1M Charge for New Scrubs, Uniforms
- Some Cancer Hospitals' Quality Data Will Soon Be Public
- 4 Crucial Tactics for Reining in Healthcare Cost
- How Digital Strategy Shapes Patient Engagement at Boston Children's Hospital
- How, and Why, to Recruit Male Nurses
- Half of All Primary Care, Internal Medicine Jobs Unfilled in 2013
- Docs Fret as HHS Addresses Malpractice Reporting 'Loopholes'