Page 13 - SFHN619finalSP.qxp_SFHN 0608 Friday 5.0

P. 13

Cybersecurity in the Healthcare Industry

– Challenges and Best Practices

Introduction Recent Cyber Events (49 percent) of midsized healthcare 4. Create a cybersecurity culture
Valued at trillions of in the Healthcare organizations are deploying IoT technol- 5. Develop and test a breach communi-
dollars, the U.S. health- Industry ogy, with another 39 percent considering cation plan
care industry is growing in Most of the reported deploying it. Moreover, according to 6. Implement cybersecurity for med-
size each year. Not only attacks in the industry are healthcare cybersecurity firm Cynerio, ical devices in alignment with FDA post-
does the industry provide based on ransomware the number of connected medical market guidance
invaluable medical and infections—where the data devices alone is currently estimated at 10 7. Systematize the collection of threat
clinical services to is held “hostage” until a billion and is expected to reach 50 billion intelligence
American consumers, it is ransom is paid—installed within the next 10 years. While manu- 8. Provide cybersecurity education and
host to extremely sensitive to the device or computer facturers are ultimately responsible for training
and valuable information, network either through identifying and remediating potential 9. Perform third-party/vendor cyber
including: targeted spear-phishing cyber vulnerabilities associated with risk assessments
•Personally Identifiable attacks or "scattershot their medical devices, they are only 10. Conduct timely incident response
Information (PII) BY GREGORY A. attacks" (i.e., unfocused, meant to be the first line of defense. in accordance with the HIPAA Breach
•Payment Card GARRETT, CISSP, CPCM, and often generic attacks). With the infiltration of technology into Notification Rule
Information (PCI), and PMP The vast majority of mal- healthcare, consumers expect care to be
•Protected Health ware attacks in the health- available at their fingertips, personalized Summary
Information (PHI) via care industry are delivered to their individual needs and preferences. Once the sole prerogative of the IT
• Electronic Medical Records (EMR) via file attachments or URLs that link the They want digital health solutions. department, cybersecurity is now the
As a result, the U.S. healthcare indus- user to malicious code. Malicious URLs Taking patient needs into account, shared responsibility of all healthcare
try is an increasingly attractive target of were the preferred vehicle in 2018. health organizations must determine professionals. Part and parcel to their
cyber-attacks by: Malware attacks are not a unique what digital initiatives are needed to be commitment to patient safety and quali-
• Nation-state actors industry phenomenon. However, the rel- competitive in the future—while also ty, every healthcare professional must
• Organized cybercriminals atively large number of successful cyber- employing a threat-based cyber approach possess an understanding of the nature
• Hacker groups attacks on U.S. health organizations indi- to anticipate what type of cyber risks of the cyber challenges facing the indus-
• Company insiders cates that the computer systems in the could hinder or even arise from those try and adopt proven best practices to
The threat of attack is very real—and healthcare sector are systematically ill- initiatives. Any disruption, failure or mitigate cyber risk.
the consequences are potentially deadly. protected. Vulnerability to intrusion is security breach may result in not just
According to recent survey data from further compounded by growing adop- monetary loss but the loss of life. Gregory Garrett is Head of U.S. and
BDO in partnership with the American tion of artificial intelligence (AI) and the International Cybersecurity, BDO.

Hospital Association, more than half of Internet of Things (IoT)—which, while a Ten Cybersecurity Best Practices Contact:
hospital CEOs predict it is at least some- critical engine of industry innovation, for the Healthcare Industry Alfredo Cepero, Managing Partner
what likely that a hospital or health sys- also create new avenues of attack. 1. Prepare for complexity 305-420-8006/ acepero@bdo.com
tem in their service area will experience BDO’s 2019 Middle Market Digital 2. Be ready for the unexpected
a cyber breach that interferes with criti- Transformation Survey found that 36 3. Take time to review and approve Angelo Pirozzi, Partner
cal medical systems and causes physical percent of midsized healthcare organiza- budgets, prioritizing spending based on 646-520-2870 / apirozzi@bdo.com
harm to one or more patients in the next tions are already deploying AI solutions, level of threat
five years. and another 44 percent are considering
AI deployment. Meanwhile, almost half

Greater Miami Chamber

of Commerce Healthcare

Heroes Results

(L-R) REYNALD JEAN, ISABELLA ALLEN, DR. LINDA WASHINGTON-BROWN, MICHAEL FUX,
DR. CHARLES L. VOGEL, MARIO GONZALEZ, FRANCHINE DALEY, DR. GIRISH KAPUR

The Annual Greater Miami Chamber of Commerce Healthcare Heroes Awards
luncheon was recently held at Jungle Island. The event included more than 420
attendees plus many sponsors and exhibitors.
The winners of the seven awards were Dr. Charles Vogel, AXA Advisors Lifetime
Achievement Award; Mario Gonzalez, First Responders Award; Reynald Jean, MD,
MPH, MSN, AGPCNP-BC, Health Care Professional Award; Roxcy Bolton Rape
Treatment Center at Jackson Memorial Hospital, Organizations/Programs;
Michael Fux, Individual of Merit Award; Linda Washington-Brown, PhD, EJD,
APRN-C, MSN, FAANP, Nurses Award; and Isabella Allen, Youth Volunteer
Recipient.
Congratulations and thank you to all the winners and finalists for all you do for
healthcare in South Florida.

South Florida Hospital News southfloridahospitalnews.com June 2019 13

8 9 10 11 12 13 14 15 16 17 18