The Workgroup for Electronic Data Interchange has released a “primer” addressing some of the challenges that healthcare organizations face in defending themselves against the epidemic of cyberattacks and how to counter them.

According to WEDI, the frequency, scope and sophistication of cyberattacks on healthcare organizations are growing at an alarming rate. It estimates that between 2010 and 2014 about 37 million healthcare records were compromised in data breaches. However, in the first four months of 2015 alone, more than 99 million healthcare records have already been exposed through 93 separate attacks.

“The risk of cyberattacks is no longer limited to the IT desk—it is a key business issue that must be addressed by executive leadership teams in order to build that ‘culture of prevention,’” said Devin Jopp, president and CEO of WEDI.

Also See: Do You Have a Breach Response Plan?

As the group points out, many healthcare organizations have not invested sufficiently in robust IT security measures that can protect and encrypt health data in electronic health record systems, interfaces, repositories, databases, connected medical devices and personal devices.

“The lack of robust security protocols and standards for data interchange between enterprise systems, medical devices and personal/home health devices can put healthcare organizations at increased risk and exposure,” the report states. “However, by employing a comprehensive threat intelligence strategy, organizations can more effectively, proactively and sustainably defend against threat adversaries. The development of policies, procedures and training can further prevent attacks and raise user awareness to be mindful of clicking links, executing files or sharing account information.”

Although no healthcare organization can be completely immune from cyberattacks, WEDI argues that they can take appropriate actions to put in place defenses and to make cybersecurity an integral part of their business environment and culture.

WEDI’s primer covers three areas of cybersecurity: the lifecycle of cyberattacks and defense; the anatomy of an attack; and building a culture of prevention. The primer, sponsored by cybersecurity vendor Fortinet, is available here.

This story was first posted to Health Data Management's web site.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access