While computers aren’t new to doctors’ offices, their use for tracking patient records has been both controversial and challenging. Paper records don’t require electricity, aren’t susceptible to malware threats and don’t need servers. Yet, as other aspects of patient care become computerized, from ordering bloodwork to prescriptions, EHRs offer access to records that can significantly improve patient care with better information. With EHRs being more mission critical for medical staff access, they demand as much uptime as needed. And yet, they need to balance that access with often required upkeep that ensures security.
Combined with an increase in hardware reliability and cost-effective cloud backup or access, the adoption of EHR is drastically increasing. For healthcare providers in catchup mode or the early adoption phases of EHR, IT teams are often concerned with not only who accesses what records but how to prevent malware from entering their networks.
Yet they need to calibrate the right balance between the ease and efficiency of data being available in on-demand locations (mobile nurses stations, doctor iPads/laptops), integrated IoT devices (medication dispensers, medical equipment), connected imagining devices (x-ray, sonograms, CAT scans) and all the while keeping them secured and restricted. These benefits come at a cost as they open up new attack vectors that can become difficult to manage and maintain.
Smaller organizations with less mature IT practices are often at great risk. And with security updates arriving on a more frequent basis, healthcare IT teams need to balance that risk. If systems are taken offline, healthcare professionals may be unable to update a patent’s records, get the latest in care notations and potentially not deliver best of service. Yet, if systems aren’t maintained and updated, their risk for unauthorized access may increase.
A May 2016 study by the Ponemon Institute found that nearly 90% of healthcare practices have been compromised with at least one malware within the past two years. The problem is that healthcare records are 50% more valuable than credit cards numbers on the black market. So there’s been a rapid evolution of malware that not only better targets healthcare providers, they feature ways of avoiding detection by understanding the thresholds that many malware threat detection.
Given that nearly 85% of modern healthcare don’t have a single qualified security person on staff, organizations are at significant risk. Better security these evolved threats means that teams need either a better solution to detect threats or the ability to allocate significantly more time for hunting down threats.
Curious what’s bypassing your existing network defenses?
BluVector’s supervised machine learning gives healthcare teams access to information that can help them analyze potential threats earlier and faster than ever. Unlike other solutions, BluVector works with human analysts to present them with potential threats and allows analysts to teach the system what they view as threats. So analysts don’t create a signature, they confirm suspicious content based on their knowledge of good and bad software.
Don’t know if your current malware detection is working? Sign up for a free network threat assessment where we show you your risks and how BluVector can lower them in the future.