In today’s healthcare system, it has become increasingly critical for patient information to be properly processed and stored electronically. With the industry progressing toward a more tech savvy routine to improve patient care and accelerate communication of health records, the potential that information can be lost or stolen—ending up in the wrong hands of a cybercriminal—is increasing in turn.
As of January 1, 2018, there have been over 110 hacking/IT-related healthcare organization incidents affecting 500 or more individuals in the U.S. alone according to the U.S. Department of Health and Human Services. New risks arise daily that don’t only disrupt businesses continuity, but also put patient privacy at stake. As healthcare providers strive to protect patients from threats to their well-being, the importance of safeguarding the infrastructure of the organization – from electronic medical records to medical devices—is more important now than ever given the success cybercriminals experience today breaching healthcare organizations and gaining access or control of this information.
To gain insight into what’s happening in the healthcare industry when it comes to cybersecurity, Kaspersky Lab issued a survey. The research provides insight into the perceptions of healthcare employees in North America regarding cybersecurity in their workplace, including awareness of cybersecurity breaches, protection of sensitive information, cybersecurity awareness and training, and more. Kaspersky Lab commissioned the research firm Opinion Matters to conduct a survey of 1,758 employees based in healthcare organizations in the United States and Canada.
Key findings include:
- Of those that experienced a ransomware cybersecurity attack in their organization, 81% of VSB, 83% of SMB, and 81% of enterprise, employees admit to having had experienced up to four ransomware cybersecurity attacks.
- More than 1 in 4 (27%) healthcare IT employees admit they are aware of ransomware cybersecurity attacks to their employer within the past year.
- Of those that stated they were aware a ransomware cybersecurity attack had taken place in their organization, a third (33%) noted that this had happened more than once.
- Of those that stated they were aware a ransomware cybersecurity attack had taken place in their organization, 78% of respondents in U.S. and 85% of respondents in Canada stated their company had experienced up to five attacks.
- Over half (57%) of employees of VSBs said they would report a suspicious email to their employer’s IT team, as opposed to almost three quarters of those working at SMBs (74%) and 79% of employees working at enterprises.
- Nearly three quarters of respondents (71%) said that they care about having cybersecurity measures in place at their organization to protect patients.