
Discover cyber security in healthcare

By Steve Smith

The information presented here is true and accurate as of the date of publication. DeVry’s programmatic offerings and their accreditations are subject to change. Please refer to the current academic catalog for details.

 

May 22, 2024


The importance of cyber security in healthcare

Healthcare cyber security involves a wide range of regulatory, security, and administrative policies and standards. As cyber attacks become more sophisticated, organizations in the healthcare industry are acutely aware of the threats they face and the obligation to protect the sensitive information in their systems.

In this discussion, we will take a close look at cyber security in healthcare, examining the challenges the industry faces, the impact of security breaches, and some best practices healthcare enterprises can follow to protect patient information and reduce risk.

Common cyber security challenges in healthcare

Cyber criminals’ attempts to steal personal information or launch ransomware attacks create ripple effects that touch virtually every layer of the healthcare system, from individuals to care facilities to the businesses that support them.

Among the major threats to patient privacy is medical identity theft, in which someone steals personally identifiable information (PII) such as your name or Social Security number and uses it to submit fraudulent claims to Medicare. The impact of this type of cyber crime is wide reaching and threatens to upset the patient’s healthcare coverage.

Ransomware attacks are another big healthcare cyber security concern. According to the FBI’s Internet Crime Complaint Center (IC3) report from 2024, healthcare and public health was the second most-targeted industry sector in 2024, during which the number of reported ransomware incidents was 263,455, with a cost of $1.571 billion.

In the event of a ransomware attack on a hospital, surgeries have to be cancelled and relocated, ambulances are diverted, and patient files are disturbed. The impact can be enormous. In 2020 alone, more than 600 healthcare organizations in the United States were affected, involving more than 18 million patient records and costing nearly $21 billion.

Certain kinds of hospitals may be at higher risk for ransomware attacks, such as teaching hospitals that conduct biomedical research and have a large stream of data running between organizations. Rural hospitals where a single facility may serve several counties are in a particularly tricky situation, since there might not be another care facility nearby to use instead. Hackers know that a rural hospital’s ability to relocate patients is severely limited, and this adds significant leverage to their ransom demands.

The threat of cyber crime is certainly not exclusive to the healthcare industry. Enterprises in all sectors should develop smart cyber risk management strategies.

Training employees in proper cyber hygiene can be particularly effective. Cyber criminals often target employees with phishing scams or other cyber threats, using social engineering tactics to gain access to networked systems.

Impact of cyber security breaches in healthcare

It isn’t difficult to find examples of cyber crime’s impact on the healthcare industry. A 2024 ransomware attack on United Healthcare, one of the largest healthcare payment processors in the country, was called the most serious incident of its kind. The attack caused 90% of pharmacies that use its payment processor to move offline.

The interruption prevented doctors from electronically refilling prescriptions and kept insurance plans from reimbursing care providers. Change Healthcare, one of its subsidiaries, typically processes more than 15 billion health billing transactions annually. According to news reports, UnitedHealth Group has paid out a total of $3.3 billion to compensate providers that were affected by the attack.

But cyber attacks on providers or networks have the potential to impact much more than finances and patient data. A breach in healthcare cyber security could seriously jeopardize patient safety, especially for patients admitted to a hospital during a ransomware attack.

Best practices for cyber security in healthcare

Organizations in the healthcare space should implement strategies to reduce cyber security risk, including:

Maintain strong access controls

Strong access controls and user authentication are fundamental steps toward safeguarding data networks. In fact, weak passwords that are easy to guess are often one of the root causes of a data breach.

Don’t ignore third-party risk

In an environment where information is accessible across departments, facilities and personnel, a health system’s cyber security may hinge on the integrity of third-party vendors. Vendors should be vetted and onboarded carefully and monitored regularly. Steps should be taken to ensure the vendor will not represent a legal, regulatory, compliance, operational or strategic risk to the client organization.

Reduce attack surfaces

Healthcare enterprises should work to reduce their attack surfaces, the potential entry points for cyber criminals, which can be both digital and human. Let’s take a look at 3 types of attack surfaces:

  • Physical: This attack surface can include assets that a cyber criminal can get to if they have physical access to the on-premises space where servers, switches and computers are installed.

  • Digital: Attack surfaces that can be accessed via the Internet, including an organization’s known assets, like servers and operating systems, and unknown assets such as an abandoned website or rogue assets.

  • Social engineering: These are the tactics cyber criminals use to exploit human nature and trick employees into divulging sensitive information. Staff training and cyber security awareness programs can be effective in reducing this vulnerability.

Prepare to pursue your career in healthcare IT and cyber security

Nurture your interests in IT, healthcare, and beyond with a future-forward education at DeVry.
