We’ve been seeing a number of articles concerning the vulnerability of electronic medical records (EMRs) and electronic health records (EHRs) to outside hacks and ransom demands. It’s important for all health care providers to be proactive and diligent when it comes to security measures for electronic data.
A while back, we published a blog post about a Bloomberg Business report, “It’s Way Too Easy to Hack the Hospital.” In the report, Bloomberg revealed the ease with which hackers were able to crash or manipulate equipment and devices in the hospital setting. Based on recent news – like this from Health Data Management – we want to alert you that hospitals aren’t the only facilities at risk. Physician and dentist practices are also prone to these attacks… perhaps even more than hospitals due to limited onsite IT personnel at most private practices.
As reported in the Health Data Management article – “Spine care practice pays ransom, regains IT systems” – the New Jersey Spine Center was forced to pay a ransom to hackers in order to “regain control of its information systems after a ransomware attack.” By the time the Center’s virus protection software detected the malware, its electronic patient records were already encrypted. Patient information that may have been compromised, according to the Center, included “medical and demographic data and, in some cases, Social Security numbers, credit card numbers and account information.”
For more information on this kind of risk, visit our post on hacking the hospital. As we advise in that post, it does fall on doctors and hospitals to know where they’re vulnerable and – utilizing experts in the field – put in place proper security measures. While MLMIC’s medical malpractice coverage does not extend to data breaches or similar vulnerabilities, do not hesitate to contact us if you have questions or concerns. In addition, if you are interested in having MLMIC provide a CME program to your practice, group and/or medical facility on this critical topic, please contact Pastor Jorge at (212) 576-9680.