Nebraska Medicine, a private not-for-profit hospital in Omaha, was victimized by a hack attack last week. It continued to see patients throughout the period when its IT system was out, using what it called “alternative standardized processes to record and transmit information manually.” (That is, it went back to pens and paper on clipboards.)
NM had to reschedule non-critical appointments and elective procedures. Its managers assured the public that, due to back-up or recovery systems, no patients’ medical records were deleted or destroyed. But they refused to answer when asked whether patient confidentiality had been compromised in the attack.
There exists a huge black market on the “dark web” for patient information. Most hacker attacks are motivated not out of a malicious sense of “fun,” but because the hackers want this information and the money they can get by selling it.
In Pill Form:
The attacks on healthcare organizations of all types are increasing of late, and the targets are obligated to continually reassess and reinforce their security measures through encryption, access monitoring, and the flagging of unusual activity. Though bank and financial networks have done this work and have reduced their cyber threats in recent years, hospitals have lagged behind.