Group assignment ( rough Draft) Week 5 pt 2

Cybersecurity breaches in the Healthcare industry pose a significant threat to those organizations. According to Gordon et al., cybersecurity breaches not only affect the patients and organizations important information but also these types of violations can affect the organization's creditability (2017). When an organization creditability comes into question due to a cybersecurity breach, that organization may lose customers due to the fear of their information not being appropriately protected. In Healthcare it is crucial that we understand the impact of cybersecurity breaches. Most of the major hospital in the United States are using electronic medical records (EMR). A lot of hackers are using Phishing to trick hospital and breaching their security protocol by tricking staff members into disclosing sensitive and personal information (Winder, 2014). Some cybersecurity attack may also include the use of medical devices, attacking medical devices in healthcare is almost the same as attacking a medical building, the only difference is that it is a human body (Storm, 2015).

Cyber Security Breach Diagram

Data Exposure

The increase of technology in the healthcare industry has provided many health organizations with the ability to monitor their patients remotely through digital devices, software, and electronic health records. The healthcare data is often collected and stored into a cloud base system where healthcare providers can have access anywhere to the patient's data in real-time. However, the vast network of devices that are connected directly with each other to collect, process, and share vital information has put many healthcare organizations at great risk for cybersecurity breaches. In addition, healthcare organizations are being challenged by the rise of the unauthorized party across the nation who have attempted to access their patient's data for malicious purposes. "Failed security has resulted in a massive data breach that has led to the loss or compromise of millions of personally identifiable healthcare records. Historically, the security of information systems, in general, has not been seriously considered in many instances until a breach has occurred. Healthcare information is sensitive, and there is no way to withdraw the information about patients once the information is exposed and resulting damage is done to that patient" (Moganedi, 2018, p. 297). Therefore, it is significant for healthcare companies to take measurable actions to prevent their patient's information from being accessible to unwanted users. Such measures can be made by performing annual HIPPA security risk analysis, implementing role base permission only for individual employees to have access to certain areas of the database, and requiring employees to change their username and password frequently.

Viruses

All it takes is one click, and the virus could spread like wildfire. That is why it is so vital that healthcare organization train their employee on how to look out for possible phishing emails which is the highest risk for health organizations to receive a virus. “Before 2016, healthcare organizations were not thought to be a primary target for ransomware. However, 14 hospitals had become the target of ransomware, and a total of 173 hacking/information technology (IT) incident data breaches had been officially reported by October 16, 2016, 17, 18. Hospitals have become an easy target for hackers for two reasons: The necessity of computer storage of information associated with patient care (e.g., electronic medical records) and the security holes in IT systems" (Spence, Bhardwaj, & Paul, 2018, p. 2). Therefore, healthcare organization must take actions by training their staff never to open up unknown emails, documents or download unknown files. Also, healthcare organizations must implement preventive measures such as having the latest virus software and running daily virus scans on all electronic devices within the organization. Without the proper actions taken to prevent data breaches within the healthcare industry, the percentages of cybersecurity attacks will continue to rise putting patients at risk.

Conclusion

Gordon, W. J., Fairhall, A., & Landman, A. (2017). Threats to information security—Public health implications. New England journal of medicine, 377(8), 707-709.

Moganedi, S. (2018, June). Undetectable Data Breach in IoT: Healthcare Data at Risk. Cyber Warfare and Security, 8(1), 296-298. Retrieved from https://search-proquest-com.contentproxy.phoenix.edu

Spence, N., Bhardwaj, N., & Paul, D. (2018, June). Ransomware in Healthcare Facilities: A Harbinger of the Future? Perspectives in Health Information Management, 1-22. Retrieved from https://search-proquest-com.contentproxy.phoenix.edu

Storm, D. (2015). MEDJACCK. Hackers Hijacking Medical Devices to Create Backdoors in Hospital Networks.

Winder, D. (2014). "Phish Your Own Staff: Arming Employees to Beat Modern Attacks," Info security, Nov. 28, 2014.