Electronic medical and health records face various threats in the healthcare sector. Understanding these threats can help healthcare organizations to implement effective cybersecurity measures.
According to a study on Health Records Database and Inherent Security Concerns, “The use of electronic health databases has grown exponentially in recent times and has eased the ability to share and access patient information. However, security and privacy concerns can pose a severe problem when third parties access sensitive information. With expanding demand in healthcare information storage, retrieval, and delivery process comes the need for more information security.”
Electronic medical records (EMRs) and electronic health records (EHRs) are two terms often used interchangeably in the healthcare industry. While they share similarities, there are subtle differences between them. An EMR refers to the electronic entry, storage, and maintenance of digital medical data, while an EHR encompasses a broader range of patient information, including demographics, test results, medical history, and medications.
Here are some of the top threats facing EMRs and EHRs:
Phishing attacks are social engineering techniques used by threat actors to deceive individuals into revealing sensitive information. In the context of EMRs and EHRs, healthcare professionals may receive fraudulent emails or links that trick them into disclosing login credentials or downloading malware.
Malware and ransomware attacks pose a risk to EMRs and EHRs. Malware can enter healthcare networks through software vulnerabilities, encrypted traffic, downloads, or phishing attacks. Ransomware, a type of malware, can lock users out of their systems until a ransom is paid. These attacks can lead to data theft, system damage, and disruptions in patient care.
Data encryption is necessary for securing EMR/EHR data during transmission. However, encrypted traffic can create blind spots that threat actors can exploit to avoid detection. Healthcare organizations need to implement encryption strategies and ensure they have visibility into encrypted traffic to detect and mitigate potential threats.
With the increasing adoption of cloud services in healthcare, protecting EMR/EHR data stored in the cloud is imperative. Healthcare organizations must implement security measures and ensure compliance with regulations like the Health Insurance Portability and Accountability Act (HIPAA) to safeguard patient data.
Healthcare organizations should have cybersecurity strategies in place to educate employees, enhance administrative controls, monitor system access, and implement data encryption. Regular audits and monitoring can help detect and mitigate potential insider threats.
Given the risks and consequences associated with EMR/EHR breaches, healthcare organizations must take proactive steps to protect patient data. Here are some strategies that healthcare leaders should consider:
Healthcare leaders should conduct risk assessments to identify vulnerabilities in their digital infrastructure. Understanding potential weaknesses allows organizations to develop preparedness plans and implement appropriate security measures.
Implementing a virtual private network (VPN) with multifactor authentication adds an extra layer of security to remote access and protects against unauthorized entry. Healthcare organizations should prioritize the use of VPNs and regularly patch vulnerabilities in VPN platforms.
Healthcare organizations should develop an endpoint-hardening strategy to enhance the security of their digital infrastructure. This strategy involves implementing multiple defense layers at various endpoints and using Endpoint Detection and Response (EDR) solutions to detect and mitigate cyber threats.
Threat hunting is a proactive practice that involves actively searching for threat actors or hackers within a network. Engaging cyber threat hunters can help healthcare organizations detect, prevent, and respond to potential cyber-attacks effectively.
Healthcare leaders should shift their focus from solely prevention strategies to proactive preparedness plans. This approach involves identifying vulnerabilities, implementing effective frameworks, and continuously monitoring and preventing potential cyber-attacks.
Email security is necessary to prevent unauthorized access to patient health records. Healthcare organizations should invest in email security software to mitigate the risk of malicious attachments or links.
Ascension, a US non-profit health system, confirmed that its electronic health records (EHR) system experienced a ransomware incident on May 8, 2024. As a result, its EHR and various systems for ordering tests and medications were rendered inoperable. Despite this, Ascension hospitals and facilities remained open, utilizing manual processes and paper records for medical tasks. Some hospitals diverted emergency services to prioritize immediate triage.
Ascension is collaborating with cybersecurity experts to restore systems safely, although it anticipates a gradual return to normal operations. The attack was initially detected on May 9, prompting Ascension to engage Mandiant for investigation and remediation. Law enforcement and government bodies have been notified, including the Federal Bureau of Investigation and the Department of Health and Human Services. This incident shows the persistent threat posed by cyberattacks to healthcare organizations worldwide, indicating the need for unified cyber governance to defend against such threats.
EMRs and EHRs contain sensitive personal and medical information, making them valuable targets for cybercriminals. This data can be used for identity theft, insurance fraud, and even blackmail. The healthcare sector often has fewer cybersecurity measures than other industries, making these records easier targets.
Ransomware can encrypt EMR and EHR data, making it inaccessible to healthcare providers until a ransom is paid to the attackers. This can disrupt healthcare services, delay treatments, and compromise patient safety.
Patients can help secure their EMRs and EHRs by:
In the event of a data breach, healthcare organizations should: