Cyberattack Drill Exposes Healthcare Industry's Vulnerabilities
"Unlike financial services, where you're just dealing with primarily banking and loan information, we're dealing with small providers, small doctors' offices and clinics, and diagnostic centers. And we're dealing with medical devices and manufacturers," Mellinger says. "We're dealing with hospital systems. We're dealing with the payer industry. So how do you coordinate intelligence information and expertise across those varying types of entities?"
Not surprisingly, the exercise also pointed out that the ability of similar organizations to respond to a cyberthreat varies based on the maturity and experience of each organization's IT systems and leadership teams.
Early Warning System Needed
Jim Koenig, principal global leader, commercial privacy, cybersecurity and incident response for Booz Allen Hamilton, says "all of the new players present increase opportunities for risk, and systems that haven't become necessarily stable, and all of that happening at once creates a new set of risk profiles." Koenig acted as observer for the CyberRX exercises on behalf of the exercise's organizers, HHS and the Health Information Trust Alliance (HITRUST).
Rapid changes in healthcare technology are all the more reason for an early warning system, because a number of organizations may be subject to the same potential threat and the same potential players, or, a vendor, who may be vulnerable within the chain, Koenig says.
- Ebola: Health Officials Try to Quell Front Line Fears
- Reducing Readmissions Starts with Better Collaboration
- Readmissions: No Quick Fix to Costly Hospital Challenge
- Ebola: A New Normal in Dallas
- Defensive Medicine Still Prevalent Despite Tort Reform
- Partners HealthCare M&A Deal Under Scrutiny
- 'Overtreatment' Debate Circles Back to Lung Cancer Screening
- Health Literacy Month Gets a Boost from Payers
- How Telehealth Pays Off for Providers, Patients
- How Educated Nurses Save Money