Currently Viewing:
Newsroom
Currently Reading
Cybersecurity Is a Major Risk During the Transition to EHRs
October 21, 2017
Secure Patient—Provider Messaging Associated With Positive T2D Outcomes
September 22, 2017 – Christina Mattina
Review Outlines Recent Advances in Radiotherapy for Cancer
September 20, 2017 – Christina Mattina
Scribes May Help Relieve Physicians Burdened by EHR Tasks
September 14, 2017 – Christina Mattina
Guidelines Discourage Using Brain Imaging as a Test for Chronic Pain
September 13, 2017 – Laura Joszt
Researchers Develop Pen Tool for Quickly Identifying Cancer Tissue During Surgery
September 08, 2017 – Christina Mattina
What We're Reading: Telemedicine Help in Houston; Bipartisan Health Plan; Medicare's Big Bills
September 04, 2017 – AJMC Staff
HITECH Act Resulted in Significant Gains in EHR Adoption in Hospitals
August 15, 2017 – Alison Rodriguez
5 Takeaways From the 2017 AADE Meeting
August 11, 2017 – Mary Caffrey

Cybersecurity Is a Major Risk During the Transition to EHRs

Technology, specifically the electronic medical record, is becoming more prevalent in the healthcare industry; however, there are significant cybersecurity risks due to the major information shift.
Technology, specifically the electronic medical record, is becoming more prevalent in the healthcare industry; however, there are significant cybersecurity risks due to the major information shift.

A paper published in JAMA discussed the risks involved in the transition from paper medical records to electronic, and the prevention methods that are needed to avoid the consequences of potential viruses and hackers.

Congress had established the Health Care Industry Cybersecurity Task Force (HCIC) in 2015 to protect from 2 malware viruses—WannaCry and Petya. The HCIC was made up of 21 members including representatives in the federal government, patient advocates, and information technology (IT) specialists. In its report, Report on Improving Cybersecurity in the Health Care Industry, the HCIC suggested 6 critical recommendations for the healthcare industry, including:
  1. Identify and streamline leadership, governance, and expectations for healthcare cybersecurity.
  2. Increase the security of medical devices and health IT.
  3. Create the healthcare workforce capacity needed to prioritize and guarantee cybersecurity awareness and technical capabilities.
  4. Increase the industry’s readiness by improved cybersecurity awareness and education.
  5. Identify mechanisms to protect the research, development efforts, and intellectual property from attacks.
  6. Improve the information sharing of threats, weaknesses, and mitigations in the industry.
 

The development of electronic health records has produced a new risk for patients that potentially have more severe consequences. For example, ransomware—a software that permanently blocks access to records unless a ransom is paid—has the potential to isolate large data files that can limit patient care for extended periods.

“This stolen information not only can be sold for financial gain, but also can be used by other individuals to receive medical care, providing an opportunity for intermingling of medical information that can alter an allergy history, medication list, or other critical elements of a patient’s history,” the authors wrote. “This vulnerability can undermine public trust and prompt patients to withhold sensitive but needed information about medical history.”

Not all small hospitals and practices have access or the resources to protect against certain cybersecurity risks, and therefore should practice cyber hygiene, according to the authors. This can be accomplished by regularly changing passwords, ensuring their passwords are strong, and being aware of certain vulnerabilities, including non-updated software.

Despite the benefits of improved access that electronic health records and technology advancements provide, the healthcare industry should make an effort to prevent negative consequences that come with these new technologies through promoting awareness.

 
Copyright AJMC 2006-2019 Clinical Care Targeted Communications Group, LLC. All Rights Reserved.
x
Welcome the the new and improved AJMC.com, the premier managed market network. Tell us about yourself so that we can serve you better.
Sign Up