Hacked! Disaster Recovery Services for Healthcare Providers
March 19, 2020
2018 was a good year for healthcare hackers. Becker’s Health IT & CIO Review says there were 945 data breaches in the U.S. These incidents illustrate the importance of disaster recovery services in healthcare and other fields as a way to mitigate risk.
This post explores the data breaches in healthcare this year as cautionary tales for the unprepared. How can disaster recovery services help healthcare providers shore up vulnerabilities? How can disaster recovery also help hospitals during natural disasters or other service delivery disruptions?
Hackers Strike – Incidents
A laundry list of hacker incidents by the midpoint of this year showed that the size of the facility was less important than the holes left in their infrastructure. Here are some of the statics that healthcare providers should note, as taken from the pages of Becker’s:
In what may be called an ironic twist, Becker’s published the results of a Medical Group Management (MGMA) poll at the same time as the release of these hacker statistics. The MGMA poll showed that 55% of healthcare providers believe their organization is safe from cyber terrorism threats.
In the meantime, the Identify Theft Resource Center (ITRC) reported approximately 12.4 million people had their information hacked this year. That’s a 37% increase from 2016.
To harden their infrastructures, the MGMA Government Affairs committee recommended the following for all healthcare providers:
“…conducting a HIPAA security risk assessment, updating operating systems and antivirus software, encrypting systems and files containing patient information and frequently training staff on malware protection protocols.”
Weathering the Storm with Disaster Recovery Services
HealthTech Magazine illustrated the number one thing that hospitals, medical practices, and other care delivery entities can do to protect their data: create a strategic disaster recovery plan. The article points out that natural disasters are just as prevalent as cyber terrorism and healthcare providers must prepare for both.
In an article called “Strategic Tech Planning is the Heart of Healthcare Disaster Recovery,” HealthTech Magazine interviewed several forward-thinking CIOs about the techniques they’re using to prepare for the worst possible outcomes. For example:
Clearly, the move to the cloud isn’t as controversial in healthcare circles. A HIMSS Analytics 2016 Cloud Survey pointed out that 47% of providers were planning to use it for business continuity and disaster recovery services. Health First utilized a hybrid model, which ultimately swings into effect anytime a hurricane threatens. This attitude signals a new approach by healthcare CIOs that have been reluctant to consider the cloud as a safer option than on-premise deployments.
Get a free assessment of your ability to respond to cyber terrorism.
Disaster Recovery Services Requires Planning
Planning for the event requires detailed planning along with hardening of technology infrastructures. While the response to a hacker breach is different from preparing for a tornado, the planning process is the same.
Disaster recovery services planning requires detailed plans that take into account the internal people, processes, and technology. At the same time, creating an external communications plan will help customers and other stakeholders understand what’s happening and how your facility is responding. Conducting drills to test these scenarios is a best practice for disaster recovery.
With the average cost of an unplanned healthcare data center outage averaging $918,000, according to the Ponemon Institute, hospitals can’t afford to develop a disaster recovery services plan for the future.
Get peace of mind – get a disaster recovery plan in place. Request a quote on TOSS C3 disaster recovery services.
Subscribe now and stay up to date with News, Tips, Events, Cybersecurity, Cloud and Data Compliance.