Bavelle Technologies’ Post

I’m really worried about what ransom hacks involving the leaking of patient data will do for confidence in healthcare systems. This morning the BBC reported that a large volume of patient data from NHS Dumfries and Galloway has been released on the dark web. And a few days ago a Finnish hacker was sentenced after stealing and publishing data from patients undergoing therapy. In that case, the data leak cost some people their lives. As service users, do we now have to accept that there’s a non-negligible risk of our medical information being leaked? If so, how might that change what we feel comfortable sharing with medical professionals? A loss of confidence might stop us getting the help we need. Apart from doubling down on security and security training, there must be more institutions can do to reassure us. Collecting less data in the first place might help. Is it *necessary* for the treatment I’m receiving? If not, don’t ask. And definitely don’t use my personal information for anything other than that purpose. (I’m looking with a hard stare at my local GP surgery which shared my contact details with some academics researching middle-aged spread – rude…) Storing data only as long as it needs to be stored might also help. This is about data/content governance – having efficient processes for deleting information when it’s no longer needed. And perhaps there’s also something about categorising data so that the most sensitive information – stuff which might derail your life if it were to be leaked – is stored with the very highest levels of security, in separate repositories, which only very few people are able to access. I’d be interested to know what security experts like Richard K. think, though. [Image description: A Yale style key in a dark, shadowy space.] #NHS #healthcare #hacking

Michigan Medicine estimated there are more than 500,000 hack attempts aimed at its systems daily. While many are less elaborate means like robocalls, Dr. Marschall Runge, the health system’s CEO, said about 60 to 80 attempts per month are “highly sophisticated.” Health care systems and their vendors have increasingly been the target of cyberattacks in recent years. When successful, these schemes can jeopardize patient personal information and cripple a hospital’s operations. Such was the case in May at Ascension, one of the nation’s largest health care systems. A worker accidentally downloaded a malicious file, allowing hackers to gain access to a “small number” of servers. Several hospitals in Michigan were left unable to access electronic health records and various systems to order tests, procedures and medications. Hospitals delayed some non-emergency elective procedures and, at times, diverted emergency medical services to other nearby care centers. It could be months before the full damage of the attack is understood. Before then, another organization will likely find itself in a similar situation. “It’s not if you get attacked, it’s when,” said Runge, who also serves as dean of the University of Michigan Medical School. In 2022, eight of the 11 largest data breaches noted by the Michigan Attorney General’s Office targeted health systems. Nationally, almost one in four ransomware complaints came from healthcare entities that year. @laninfotech @glenbenjamin #laninfotech #becybersmart #becberfit #besafe LAN Infotech, LLC

In the 2024–2030 Federal IT Strategic Plan, the ONC emphasizes that patient data, with a rigid privacy and security framework, should be shared for better patient outcomes. Read our latest blog and learn how our modern infrastructure and data center solutions can help empower your organization. #ConnectionHealthcare #ONC #healthIT https://bit.ly/4dQo9mw

Healthcare's Pearl Harbor! Cyberattack on Change Healthcare: It's not over yet. Change Healthcare has been grappling with a significant cybersecurity incident. This disruptive event affected hospital payment and pharmacy processing operations, leading to a cascade of issues affecting thousands across a broad spectrum of US Healthcare entities. #healthcarefinance #healtheconomics #recruitment, #recruiting #medicalbilling #medicalcoding #healthcarerecruitment #healthcarejobs #medicalbillingcompany #hospitalmanagement #hospitaladministration Source: Becker's Hospital Review An attack on the entire sector': Fallout from Change Healthcare hack continues Images are stock Getty Images chosen as representations of companies and/or individuals referenced.

This attack and the damage it has caused are still ongoing and will likely continue to disrupt operations in the coming days. Historically, these attacking groups have behaved in a Robin Hood style, sparing healthcare. However, these days are gone. Healthcare is now targeted as an easy and efficient means for extortion by both "commercial" groups seeking money and state-sponsored groups aiming to extort money and cause societal damage. The situation is worsening, and I cannot say it will improve before it gets worse, as efforts toward achieving digital security are laughable, if not ignored entirely. At best, they meet the minimum legal and regulatory requirements. We can expect that a number of attackers are already present in healthcare networks, lying dormant and waiting for the optimal moment to either extort funds or join a government-sanctioned action. https://lnkd.in/eGCFS32a

This past Friday, the University Medical Center, a level-one trauma hospital in Lubbock, West Texas, fell victim to a ransomware attack. As the primary facility handling the most severe cases within a 400-mile radius, the implications of this attack are profound and far-reaching. What often goes unreported in such incidents are the nuanced impacts on healthcare delivery: 1. Data Transparency: Beyond the headlines and official statements, there's a significant gap in public information about how ransomware directly impacts healthcare systems' operations. 2. Patient Outcomes: There is an alarming scarcity of data regarding the effect of these cyberattacks on patient outcomes and quality of care. 3. Systemic Impact: The cascading effects on other trauma and regular medical centers remain largely unexplored. How are these centers coping with the diverted patient load? 4. Fatal Consequences?: The critical question - has this disruption to essential medical services led to loss of life? Given UMC's status as a nonprofit, it might be possible to gain more insights into the specifics of this attack and its repercussions. Such transparency is crucial for better preparation and response strategies. It raises a critical ethical and legal question: Should cyberattacks on healthcare facilities be considered equivalent to attempts on lives? What are your thoughts? Could stronger legal repercussions change the landscape of cybersecurity in healthcare? #Cybersecurity #Healthcare #Ransomware #PublicSafety #EthicalHacking

🚨 Michigan Medicine Cyberattack Update Nearly 58,000 patients' data was compromised following a cyberattack on July 30, 2024. The breach occurred after attackers accessed an employee account via a malicious multi-factor authentication prompt, exposing patient information like names, medical record numbers, and treatment details. Michigan Medicine is stepping up MFA education for its employees to prevent future incidents. #CyberSecurity #DataBreach #HealthcareSecurity #MichiganMedicine #MFA #PatientSafety

🚨 Michigan Medicine Cyberattack Update Nearly 58,000 patients' data was compromised following a cyberattack on July 30, 2024. The breach occurred after attackers accessed an employee account via a malicious multi-factor authentication prompt, exposing patient information like names, medical record numbers, and treatment details. Michigan Medicine is stepping up MFA education for its employees to prevent future incidents. #CyberSecurity #DataBreach #HealthcareSecurity #MichiganMedicine #MFA #PatientSafety

Data Breach: Consulting Radiologists Ltd. (CRL) Affected Another healthcare data breach. This time, Consulting Radiologists Ltd. (CRL), a Minnesota-based specialty radiology practice, has reported a significant data breach affecting over 500,000 individuals. The incident unfolded on February 12, 2024, when CRL detected suspicious activity in their network. After a thorough investigation, completed on April 17, 2024, CRL began notifying affected individuals on June 14, 2024. The breach compromised a range of sensitive information, including names, dates of birth, addresses, health insurance information, and medical data. In some cases, Social Security numbers and driver's license numbers were also exposed, amplifying the potential risk to affected individuals. CRL's Response: 1. Secured their network 2. Engaged cybersecurity experts in the investigation 3. Offering 12 months of free identity and credit monitoring 4. Set up a dedicated assistance line: 1-833-566-7922 This incident is part of a concerning trend of major health data breaches in recent months, highlighting the ongoing vulnerability of healthcare providers, especially specialized practices like radiology. While there's no evidence of data misuse so far, the sensitive nature of the exposed information poses significant risks to those affected. As healthcare professionals, we must remain vigilant and continuously improve our cybersecurity measures. This breach reminds us of the critical importance of data protection in our industry. We must learn from these incidents and strengthen our defenses to safeguard patient privacy and maintain trust in our healthcare systems. https://lnkd.in/e_TvBhr5 #HealthcareDataBreach #Cybersecurity #PatientPrivacy #HealthIT

In the 2024–2030 Federal IT Strategic Plan, the ONC emphasizes that patient data, with a rigid privacy and security framework, should be shared for better patient outcomes. Read our latest blog and learn how our modern infrastructure and data center solutions can help empower your organization. #ConnectionHealthcare #ONC #healthIT https://bit.ly/4dUTSCR