Author Archives: Vignesh Eswaramoorthy

Ransomware

Leave a reply

Ransomware is a malicious software that installs itself undetected to a server or a personal computer, restricting user access to cause functional disturbance and demand ransom in return for security of confidential information. It has lately been on the rise as it is an easy way for hackers to score profit. In 2014, the FBI estimated that ransomware swindled up to $27 million in just six months.

Healthcare faces more threat than other industries due to the sensitivity involved in patient information, and currently has limited protection against such attacks.

The recent attacks on hospitals correspond to the following reasons:

1. Insecure Hospital IT:

The hospital IT infrastructure is largely insecure, making it susceptible to a malware attack. Hospitals are using outdated software, which makes the hacker’s job all the more easy. Due to inadequate funding, the IT infrastructure remains more or less the same, leaving it vulnerable to an attack.

2. Hospitals have more to lose:

With the hospital battling life or death situations on a daily basis, a flurry of ransomware malware attacks can put both the patients and healthcare professionals at risk. . Such attacks can have wide ranging implications to a healthcare provider, such as unavailability of patient medical history, delayed reports and even potential public relations controversies.

3. Lack of qualified staff:

Most hospitals have this policy of spending the bare minimum for IT operations, which is a grave oversight. In line with this policy, hospitals fail to have the right IT infrastructure and shy away from installing new and improved software security features. It is very important that hospitals invest in skilled staff, who can help them adopt new tools that eliminate attacks.

Ransomware is a real threat to healthcare sector, affecting not only the coordinated care but also the regular functions of hospitals, not to mention risking sensitive patient information.

The best cure for this virus is prevention. Here are some simple steps to ensure maximum protection against ransomware.

1. Employee Awareness :

Ensure all employees using the server are aware of the threat and are frequently reminded of the danger of accessing dubious sites or downloading unknown files. Security awareness training could boost the security infrastructure and inform employees on responsible use of the internet. Employee’s conscious of the threat will less likely be trigger happy.

2. Focus on Cyber Security:

Hospitals must acknowledge the importance of cyber security and invest money on latest technology and infrastructure to prevent cyber-attacks. Hiring competent IT professionals and also training existing staff on new information technology will help in staying up to date.

3. Backup Plan:

All important data must be backed up on a system off site to limit the effect of an attack and retain hospital functionality. Hospitals must develop a business continuity plan and be prepared to prevent any attack on their servers. Measures such as disconnecting internet and turning off Bluetooth/Wi-Fi connectivity upon suspected attack or doubt can reduce the spread of any malicious software.

4. Restricting access:

Restricting network access and breaking up the network into smaller groups can help in restricting and containing attacks on the servers. Also, layering the server into groups will make it difficult for the hacker to infiltrate the server.

5. Block Zip files and spams :

Configuring mail servers to block zip, spam and other files, which may contain malicious content, can drastically reduce the threat of ransomware.

No one solution or technology can be the ultimate answer to ransomware, but these measures will ensure that the hospital is not an easy target to hackers. And in case of an attack, they also help the hospital protect sensitive data and retain functionality.

Every step in the network should be designed and built using hack-proof methodology. Hackers consider hospitals an easy target, but if they face considerable difficulties, chances are they would simply look away.

Achieving Population Health through Value based Healthcare

Leave a reply

The philosophy of healthcare is changing from fee-for-service to value-based, broadly, from treating the disease to treating the patient in a holistic manner. This change of attitude towards healthcare will offset a long-term, far-reaching consequence to closely related industries such as pharmaceuticals, government mechanisms, and regulation, to further the understanding of diseases and academic perception.

The overall idea is to attain better population health, around which the concept of value-based health care arrived. Nowadays a number of technological advancements like healthcare analytics give more clarity than ever before, to accomplish broader goals set for population health.

Providers should extend care beyond the walls, coordinate and communicate with caregivers to realize care quality.

Patient tracking

Tracking patients in real time after discharge, allows providers to monitor progress and provide care in a favorable environment. Patient tracking technology has been around for a while, but the data transfer between systems has always been the key challenge.

Healthcare professionals must select a reliable system to transfer data, as any wrong system is not only useless, but also costs the providers time and money, and can be a deterrent to care quality.

HIPAA compliant cloud storage

Internet of things and connected health devices has brought forth the mammoth amount of data to be extrapolated and assessed. With CMS promoting provider associations and collaborations at each level, it is no longer practical to store all the data in an onsite server.

It is simple and convenient to access patient information from multiple locations hosted on the cloud, however, threats associated with data security also increase proportionately.
Despite promises on cloud data storage, many providers are reluctant to completely accept this alternative. Hackers pose a real danger to cloud computing, and more so in case of the health industry. In 2015 alone, millions of sensitive patient information and other data was stolen from the servers.

To mitigate the dangers of such loss or theft of patient data from the cloud, all technology employed should comply with the HIPAA regulations to ensure the maximum level of data safety.

HealthViewX offers a wide range of solutions for secure communication, combating interoperability challenges and facilitates provider & patient-centric application enhancing the workflow and efficiency of Healthcare Providers.

Ransomware on the rise! Wake up or pay the price.

Leave a reply

The recent Ransomware attacks highlight the importance of a strong endpoint protection and vulnerability of hospital systems to such attacks. With attacks on Chino Valley Medical Center and Methodist Hospital in Kentucky just this month. Shortly before these, Hollywood Presbyterian forcefully paid cybercriminals $17,000 in Bitcoin.

Ransomware is the type of malware that stops a user from using their system. This type of malware forces the user to pay a ransom to regain access to their system. Apart from restricting access, ransomware also,

  • Encrypts files on a system
  • Stops certain apps from running (e.g. web browser)

The hackers normally demand money in exchange for restoring the system to normal.

Avoiding clicking on any unknown links and attachments is the best defense against a ransomware attack. However, if a person does click, intrusion detection systems and firewalls can help. Once the ransomware is installed on a system without good backup practices, the choices boil down to paying or never regaining control.