Healthcare Cyber Security

Insights on data safety amid heightened vulnerability

Key takeaways

  • Ransomware and other fraud tactics are making hospitals more vulnerable as they adopt interconnected technologies to address patient care and finance challenges
  • Cyber criminals are increasingly targeting the expansive private health data contained within hospital systems
  • Leaders that promote cyber hygiene can improve their organizations’ defenses, while also supporting better patient outcomes and an improved future for healthcare

Interconnected technology and patient care

Ransomware is emerging as the dominant cyber crime attack in healthcare. What accounts for this vulnerability? Linked technology, which offers many clinical benefits and meaningful efficiency gains, also exposes hospitals to cyber criminals. As hospital leaders work to guide their organizations through unprecedented times, our Healthcare Cyber Security Guide offers insights to help you understand your vulnerabilities and how you can protect your organization.


Below is a summary of key topics. See the full guide for robust insights and best practices.


Cyber criminals deliver malicious software, known as ransomware, through email and fraudulent websites. Healthcare organizations can avoid exposing patient data and computer systems by following a set of procedural routines, such as system backups and testing.


Business email compromise

Employee email is a common vector for ransomware, which often leaves compromised employees unaware that a breach has occurred. Because this fraud type relies on exploiting human psychology, best practices emphasize employee education and training. 


The Internet of Things (IoT)

As healthcare providers adopt remote monitoring and telehealth, the IoT ecosystem increases and so does exposure to technology vendors. Before making an IoT purchase, it’s critical to create a thorough checklist of security features, such as firmware updates, authentication protocols and encryption levels. 


The mobile threat landscape

Always connected mobile devices can produce a digital overload that overwhelms employees and heightens IT vulnerabilities, including text-message scams and device hacking. Understanding the range of mobile threats is key to a strong defense.

Supporting a cyber secure home

All remote hospital staff should be educated on how to maintain a safe security posture while working from home. From data-privacy policies to instructions for protecting home routers, senior executives have a range of available strategies for lowering risk.

Focus on the fundamentals

Hospital leadership can help prevent cyber events by establishing basic safeguards. According to John Hesselmann, National Head of Healthcare Banking at Bank of America, “By staying up to date on cyber security trends, educating staff and preparing for attacks, healthcare organizations can protect patient data and help stop fraud before it occurs.”