As ransomware attacks continue to rise across industries and make national headlines, Burr & Forman Chief Privacy Officer India Vincent discussed the rising trend and risk management in the healthcare publication Part B News.
Data from UK-based IT company Comparitech counted 92 ransomware attacks involving healthcare in 2020, which compromised 12.3 million patient records. As Vincent points out, the problem is actually much worse than Comparitech’s data suggests because it only includes breaches impacting more than 500 people and some breaches reported in the media. “Attacks with fewer than 500 victims often go unreported, or at least do not receive the attention necessary for the breach to make it into this type of analysis,” Vincent said.
One big risk area is the security of an organization’s vendors, whose access points with the organization’s system may present vulnerabilities. “Many of the recent breaches have highlighted the importance of ensuring that the organization’s vendors are following proper security measures in order to maintain the organization’s information,” Vincent said. “It may be difficult for many smaller organizations to implement a robust vendor management system, but having a checklist of key security measures all vendors are required to comply with can be a good start and help avoid some of the more preventable attacks.”