Protecting Healthcare Networks Against Threats

In today’s digitally connected world, cybersecurity is a critical concern for all industries. However, for the healthcare industry, the failure to ensure resilience against cyber threats could be a matter of life and death.

According to a 2018 Thales Security Report, a staggering 77% of US healthcare organizations have been breached at some point in time. And 48% of those breaches have taken place in the last year.

Cybercriminals are targeting healthcare organizations worldwide because their fast-paced environments and large attack surfaces often mean weak links are easy to find and exploit. With valuable private information and health records available, healthcare organizations can be very profitable targets for hackers.

The Healthcare Industry Under Siege

Due to the digitization of health records, the healthcare industry can provide a higher quality of service without increasing costs. As more paper records move to Electronic Health Records (EHRs), hospitals and medical centers can optimize their operational efficiency. There are many benefits to digitizing health records.

  • Cost Savings: A University of Michigan study found that digital health records can reduce the cost of patient care by roughly 3 percent compared to using traditional paper records. Medical professionals don’t need to waste time on manual data entry.

  • Mobility: Digital records and mobile devices are helping healthcare professionals provide enhanced patient care through alerts and remote assessments. Doctors in different locations can access the most up-to-date patient data.

  • Accessibility: EHRs provide patients more access to their health records. They can proactively understand their conditions and consult more frequently with their medical caregivers. Most healthcare providers now offer online access to health records, billing information, and the ability to email doctors directly.

However, with these benefits also come risks when moving data to the digital landscape.

  • Hacking: EHRs hold sensitive patient information and are a prime target for hackers. Doctors, patients, medical staff and administrators all access EHRs, providing more entry points for hackers to gain access. With the rise of Internet of Things (IoT) devices for monitoring patients and systems in hospitals and medical centers, hackers have more opportunities to find a vulnerabile entry point.

  • Lack of Proper Data Protection: Often hospitals and medical facilities don’t have adequate network firewalls to segment the EHRs and medical data from IoT and guest devices. Next-generation firewalls can create separate networks for guests and IoT devices, minimizing the exposure if a breach were to occur.

  • Ransomware: Digital healthcare data has become a part of daily patient care. Doctors and nurses depend on the information to provide proper treatment. Cybercriminals do not necessarily have to steal data in order to wreak havoc on their victims. The UK National Health Service (NHS) was brought to its knees due to the WannaCry ransomware which locked up computing resources.

Here are some recent cybersecurity breaches in the healthcare industry that are of note:

Incident Impact
Catawba Valley Patient Records 20,000 records were breached through phishing attacks in August 2018.
Federal ACA Portal 75,000 individual records were breached in November 2018.
Hawaii Fetal Diagnostic Institute of Pacific 40,800 patient records were wiped out by ransomware in June 2018.
Augusta University 417,000 patient records were breached through ongoing attacks in 2016, 2017 and 2018.
Catawba Valley Patient Records 20,000 records were breached through phishing attacks in August 2018.
Federal ACA Portal 75,000 individual records were breached in November 2018.
Hawaii Fetal Diagnostic Institute of Pacific 40,800 patient records were wiped out by ransomware in June 2018.
Augusta University 417,000 patient records were breached through ongoing attacks in 2016, 2017 and 2018.

And the list goes on. As a result, the United States Health and Human Services (HHS) department has issued the “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP)” guidelines to help healthcare and public health organizations develop proper cybersecurity measures.

Proactively Protect Your Healthcare Network and Records

Implementing a robust cybersecurity strategy can be overwhelming. Untangle can help your healthcare organization, large or small, work through the intricacies of implementing network security best practices to safeguard your resources without breaking your budget.

Network Segmentation: Untangle’s NG Firewall platform can create separate networks for IoT and guest devices to decrease the possibility of system-wide access. By separating the core internal network that houses all the private data from the public, you can minimize the risk of data theft or ransomware if a breach were to occur.

Security & Control: NG Firewall comes with many security features and applications to provide visibility and control over your network traffic and connected devices. Stay ahead of hackers by protecting your network at the gateway, stopping malware, hacking and phishing attempts before they reach users and devices.

Network Monitoring & Compliance: Reporting is a key aspect for healthcare organizations that must meet and maintain compliance with multiple regulations, including HIPAA. NG Firewall provides 24/7 monitoring of your network and logs all events providing records of any threat or anomaly detected. Alert rules allow IT administrators to get notified immediately if a certain condition is met, allowing them to stay on top of threats, policy breaches, and system statuses.

Untangle provides an all-in-one network security solution for healthcare organizations who require a simple platform at an affordable price. Contact us today to get started.

Additional Resources

Healthcare Solution
Case Studies
Contact Sales