By Chuck Green
According to the latest Ponemon Institute study, data breaches data could be costing the healthcare industry $6.2 billion. Nearly 90 percent of healthcare organizations represented in this study had a data breach in the past two years, and nearly half, or 45 percent had more than five data breaches in the same time period. The majority of these breaches were small, containing fewer than 500 records.
Still, for the second year in a row, criminal attacks are the leading cause of data breaches in healthcare. In fact, 50 percent of healthcare organizations say the nature of the breach was a criminal attack and 13 percent say it was due to a malicious insider, Ponemon indicated.
Meantime, at Mount Sinai Health System in New York, a cyber breach would be managed by legal, regulatory and IT – all of whom have protocols in place to ensure compliance with regulatory and legal requirements, according to Kevin Chason, medical director, emergency management. Its management teams would assist with coordination where additional resources might be needed: "We've also conducted drills with all of these groups in this area to practice the procedures."
To help prevent or minimize technology blackouts due to, for example, a cyber incident or power outage, Chason said staff members are trained to ensure they're prepared to continue to provide patient care during a cyber breach.
"We conduct drills with our clinical staff where we teach them how to practice medicine the old fashioned way, like using paper, before we had computers," he said.
The health system also conducts exercises based on how to mobilize various groups to help manage a range of issues, such as communicating with the those behind an incident, he added.