Posts By: Beth Osborne

Healthcare Ransomware Attacks Cost Industry $21B in 2020

healthcare ransomware attacks

Healthcare ransomware attacks had a significant impact in 2020. New data reveals that the cost to the industry was nearly $21 billion. The 2020 numbers were the highest in the past five years. The pandemic was a catalyst for this increase. Let’s look at the why and how that delivered this unfortunate rise.

Ransomware in Healthcare Sees 470% Increase over 2019

In a report from Comparitech, the company aggregated data regarding healthcare ransomware attacks. They found 92 separate incidents, impacting over 600 clinics, hospitals, and organizations and over 18 million patient records. 

One of the most prolific was the Blackbaud, a cloud software provider. This specific ransomware issue affected over 100 healthcare organizations and over 12 million patient records. 

Tracking down every ransomware attack is challenging because HHS (U.S. Department of Health Services) only reports them if they impact more than 500 people. The report included those along with others that researchers were able to assess. 

Downtime Was a Consequence

Downtime for any organization is costly in so many ways. When healthcare organizations don’t have sufficient business continuity or data backups, downtime risk becomes greater. The report discerned that downtime ranged significantly, affecting those with less frequent backups or paper-only systems. One healthcare entity lost its records after a ransomware attack

In the company’s analysis, they hypothesize that ransomware caused 1,669 days of downtime for the industry. That’s over 40,000 hours!

Ransoms Varied and Some Organizations Paid Them

The gist of ransomware attacks is that cyber criminals request a ransom to give you back your data. They do this by stealing the data, copy it, and encrypt the data to prevent access.

Those amounts varied between $300,000 and $1.14 million. Some organizations paid it. In the Blackbaud incident, organizations paid out at least $2,112,744 to attackers. 

Why Is the Healthcare Industry Vulnerable to Cyberattacks?

Unfortunately, healthcare is an easy target. The industry has highly sensitive data and can’t afford to have any downtime. While those attributes make it attractive to hackers, cybersecurity efforts in the industry aren’t at the same pace as others. 

Some of the biggest challenges include outdated infrastructure, antiquated cybersecurity practices, on-premises systems, and failure to backup files. Risk rises when you use legacy systems to store patient files that are no longer updated or supported. Legacy systems have been a cause of cybersecurity incidents for some time. To mitigate this risk, you should consider archiving data to a secure, compliant repository so that you can decommission legacy systems for good.

Proactive Initiatives to Mitigate Healthcare Ransomware Attacks

In addition to moving away from legacy systems, healthcare organizations should also embrace the cloud. It’s more secure and flexible. They should also educate and train employees on best practices for cybersecurity. These sessions should be ongoing. With some healthcare workers still remote, this training should include securely working from home.

Additionally, healthcare entities should ensure that all their vendors follow best practices with their data. Third parties can be a back door for hackers. If a provider converts, migrates, shares, or archives your data, ensure they use the most advanced encryption and other proactive measures. 

InfoWerks Takes Data Security Seriously

As a partner to healthcare, we take data security seriously. We have a high level of cybersecurity measures in place. All our processes and services support HIPAA and HITRUST compliance, as well. We’ve never had a breach in our company’s history. Learn more about data security protocols and HIPAA compliance requirements.

Demand for Behavioral Health Services Accelerated During COVID-19, Virtual Visit Adoption Soared

behavioral health services

It’s no secret that the pandemic has had physical and mental health consequences. While the physical toil data may be more apparent, a new study of claims data looks at the latter. Cigna, one of the country’s biggest health insurance providers, published a new study analyzing behavioral health services claims. The study found that 97% of people had never had a prior claim for it, demonstrating the demand for this treatment. 

About the Study and Its Findings

The study entitled, One-Year Impact of COVID-19: Surging Use of Virtual and Behavioral Health, looked at the pandemic’s impact on mental health and care delivery. Cigna assessed claims data from March to May 2020, the first three months of the pandemic when information was scarce. 

The analysis found some other critical data points in addition to the huge jump in first-time patients seeking behavioral health services.

Antidepressant Use Increases

According to the data, the use of antidepressants increased by 7.9%. It also revealed that 32% of patients taking them had no history of taking them in the six months prior.

Who Sought Out Behavioral Health Services?

The majority (63%) of those seeking help were women. That number rose from 48% pre-pandemic. The age groups most seeking help were the youngest populations. Almost half, 45%, of patients were under the age of 30.

Most Behavioral Health Patients Using Telehealth

Cigna also revealed that 60% of its members are using telehealth to receive care. Before the pandemic, virtual visits compromised only 1% of all claims. Now virtual visits represent two-thirds of behavioral care sessions. 

That change signifies the adoption of telehealth by patients. Below, you can see the rates of adoption, which are all astronomical. 

cigna behavioral health care adoption rate

Image: Cigna

Cigna also followed up on this trend throughout the year. They found it was consistent, with around 66% of all behavioral health claims virtual. 

How Do Patients Feel About Virtual Visits?

In the report, Cigna also included data from its Evernorth Opinion Research survey. Over half, 58%, are comfortable with virtual visits. The leading reasons they prefer it revolve around convenience, fewer costs, and enabled long-distance care. Patients also are ready for healthcare at home, with 76% believing that virtual care is the future. 

Behavioral Telehealth Is Positive for the Workplace, Too

Behavioral health challenges can be just as demanding as physical ones. Often with support, workers can reduce missed days and positively impact their productivity. Cigna included stats from a separate study focusing on the workplace. The results showed a 45% decrease in missed workdays for telehealth patients. 

Final Thoughts on Behavioral Health Services

With the right access, individuals can thrive when addressing mental health concerns. With virtual delivery of behavioral health services, all stakeholders benefit—consumers, payers, providers, and employers. 

The demand for telehealth is not likely to fade post-pandemic. Patient consumers appreciate the convenience, and more people suffering may be likely to feel more comfortable with this route. What’s for sure is that behavioral health services can make all the difference in working through uncertainty and trauma. 

Data Storage Solutions and Challenges for Healthcare

data storage solutions

Healthcare evolved into a data-driven ecosystem. Data can improve patient care, improve operations, and deliver insights. However, storing data is a huge challenge for the industry, with concerns around costs and compliance. In this post, we’ll explore data storage solutions and challenges for healthcare data management.

So Much Data: An Opportunity and a Burden

Data generation in healthcare is growing every day. Intel estimated that worldwide health data would hit 25,000 petabytes in 2020. To provide context, that’s 500 billion four-drawer filing cabinets!

That breadth of data opens many doors in preventive medicine, public health initiatives, and better decision-making. Those are the positives. It also presents a burden of: where will this data live? How much will it cost? Will it be secure?

Next, we’ll review the two main solutions for data storage—on-premises and the cloud.

On-Premises Data Storage

Healthcare systems often adopt on-premises data storage solutions. The biggest reason is they have more control over their servers. Unfortunately, there are a lot of cons to this data storage strategy. 

On-site servers are expensive and time-consuming to maintain. They also take up considerable space, which most organizations don’t have, which impedes the ability to scale. That’s a serious problem since data is growing.

Further, it limits access to those physically within that space in most cases. In a digital world, users need access to data in many environments. 

Security is also a concern. On-premises servers connect to a local network, which hackers can exploit through phishing and malware attacks. While hospitals may have robust security protocols, on-site lacks the layered security approach of the cloud. 

Finally, there are lots of latency and downtime risks in this model. Any issues in your storage infrastructure or disaster event put these systems at risk of not being available. This is a big business continuity issue.

Cloud Data Storage Solutions

Cloud storage is the probable future of healthcare data storage. It eliminates most of the challenges with the on-premises option. More healthcare organizations are adopting the cloud, either public, private, or hybrid. 

The public cloud is like renting space from a provider like AWS. A private cloud solely hosts data and applications for an organization. A hybrid is a mix of both, enabling healthcare entities to choose which pieces go where. For example, they may put all sensitive and confidential data on the private side. 

The cloud is also more secure than an on-site server because it has a more robust security posture. It also keeps getting more secure, as cloud operators are at the top tier of cybersecurity. 

You’ll also save money, as you no longer have to pay for hardware upgrades and maintenance. Much less capital investment is necessary, and you can scale up or down as needed. 

Access is no longer an issue either since users can log into solutions remotely but securely. You also don’t have to worry about downtime because the cloud always has redundancy. 

How Are You Managing Healthcare Data Storage?

If you haven’t fully adopted the cloud for healthcare data storage, your organization should assess the situation. You’re only going to collect, gather, and use more data. Don’t let storage impact what you can do with it.