CHA News Article

FBI Cautions of Cyberattacks on Electronic Health Records
Study indicates health care security practices are ill-equipped for cyberthreats

A nationwide study conducted by the SANS Institute resulted in a February report indicating health care security strategies and practices are poorly protected and ill-equipped to handle new cyberthreats exposing patient medical records, billing and payment organizations, and intellectual property. In response, the FBI this month issued a Private Industry Notification that states, “Cyber actors will likely increase cyber intrusions against health care systems − to include medical devices − due to mandatory transition from paper to electronic health records, lax cybersecurity standards and a higher financial payout for medical records in the black market.” The notice, attached, includes instructions for reporting any criminal or suspicious activity to the FBI.