Business Advisory

Cyber-attacks: Is your medical practice prepared?

2 June 2023
5 min read

Cyber-attacks are becoming a growing concern for medical practices of all sizes. These attacks can involve extortion, data breaches and theft, ransomware, phishing attacks, malware infections, vulnerabilities in internet-connected devices, and insider threats.

A cyber-attack can have an immediate impact on a practice, hindering its ability to operate, as well as flow-on effects when private information is obtained and used for inappropriate or illegal purposes by others. The resulting reputational damage could have significant ongoing impacts for a business.

Potential threats

Here are examples of potential threats:

  • Data breaches and theft: Hackers may target patient records for personal gain or to sell on the black market. The physical security of devices such as laptops or smartphones that contain patient data also poses a security challenge, as these devices are often highly portable. This can result in the loss or theft of sensitive patient information, as well as disruption of operations.

  • Ransomware: In these types of attacks, cybercriminals gain access to a computer system and encrypt patient data, making it inaccessible. The attackers then demand a ransom payment in exchange for the decryption key. These attacks can be incredibly disruptive, causing delays in patient care and resulting in a loss of revenue.

  • Phishing attacks and malware infections: These types of attacks often involve an attacker posing as a legitimate organisation and sending an email with a link or attachment that, when clicked on, can install malware or steal sensitive information.

  • IoT device vulnerabilities: Many businesses use internet-connected devices such as medical equipment, smartphones, and tablets. These devices may have vulnerabilities that can be exploited by cybercriminals.

  • Insider threats: Staff may pose a risk to the security of patient data if they fail to follow proper protocols or if they intentionally misuse patient information.

To protect against these threats, you can take steps to reduce the likelihood of a cyber-attack and minimise the impact if one does occur.

Ways to protect your medical practice

Ways of reducing the likelihood of a cyber-attack include:

  • Conducting regular risk assessments and security audits. These can help identify potential vulnerabilities and areas for improvement in your practice’s security posture.

  • Undertaking endpoint detection practices. Endpoint detection practices are methods used to monitor and analyse network activity on endpoint devices such as desktops, laptops and smartphones to detect and respond to security threats.

  • Engaging shielding services. Shielding services provide protection against cyber-attacks through methods such as intrusion detection and prevention systems, security information and event management (SIEM) solutions, and managed security service providers (MSSPs) that monitor and manage a business’ security posture.

  • Implementing internal security procedures and policies, and providing ongoing staff training.

  • Preparing a crisis management strategy.

  • Preparing a business continuity plan, including an initial response plan.

Internal security procedures and policies include:

  • Implementing strong authentication methods.

  • Using encryption to protect sensitive data.

  • Regularly updating software.

  • Conducting penetration testing and vulnerability assessments.

  • Providing employee training on cybersecurity.

  • Managing remote access so that remote access to patient data is secure.

  • Ensuring supply chain security: Many businesses rely on myriad third-party vendors for services and ensuring that these vendors have adequate security measures in place can be a challenge.

  • Establishing regular monitoring of network activity can help detect malicious activity and allow organisations to respond quickly to potential threats.

To mitigate the financial impact of a cyber-attack, medical practices should ensure they have appropriate insurance cover.

This can include coverage for:

  • Loss of profits.

  • Third-party claims.

  • Stolen money.

  • Advice on, and the costs of, restoring information.

When obtaining insurance cover, an insurer is likely to ask questions about the cyber environment, such as:

  1. Does the practice use end-point protection and monitoring solutions?

  2. Does the practice use multi-factor authentication?

  3. Does the practice perform regular system and file backups, and where are the backups stored?

  4. Have tests been made to successfully restore systems and files?

  5. Have cyber security assessments, penetration tests, and internet security scans been conducted, and by an external provider?

  6. Are all security and critical patches deployed on the practice's systems and applications promptly?

  7. Does the practice have a disaster recovery plan and business continuity plan?

  8. Does the practice have an educational program for all employees on cyber threats?

The answers to these questions will establish whether a medical practice is able to obtain cover, and the amount of the premiums (which are based on risk).

Don’t wait until it’s too late

Cyber-attacks are a growing concern, and it is crucial for medical practices to take action to protect sensitive information and their own business operations. Most practice owners and managers do not have the skills to properly manage these cyber risks, so it's important to seek advice from a qualified provider to ensure that your practice does not become a victim of a cyber-attack. By working with a professional, you can implement effective security measures, prepare for potential threats and minimise the impact of a cyber-attack. Don't wait until it's too late: contact our team of cyber-security experts to protect your practice from cyber threats.