- A rise in ransomware attacks and data breaches against hospitals across the US may account for an uptick in heart attack deaths at those hospitals, according to a new study.
- Ransomware attacks are a rising cybersecurity threat, and their frequency doubled across industries in the past year.
- The study suggests that as hospitals were forced to adapt to cyber attacks with more robust security and overhauled IT systems, doctors and nurses were slowed down in providing care, losing valuable seconds during emergencies.
- Visit Business Insider’s homepage for more stories.
Detecting and treating a heart attack is a race against time – every minute that passes as emergency room patients wait for an ECG can put their life at greater risk.
New research reveals a rising threat to cardiac patients that is increasing wait times at hospitals across the country: cyber attacks and data breaches carried out by hackers.
A study published by researchers at Vanderbilt and the University of Central Florida earlier this month examined mortality rates for heart attacks at more than 3,000 hospitals nationwide, 311 of which had experienced data breaches.
The study, which we saw thanks to cybersecurity researcher Brian Krebs, found that those hospitals took as many as 2.7 minutes longer to give patients an ECG in the years following a data breach. Those hospitals also saw 36 additional deaths per 10,000 heart attacks per year on average.
The delayed treatment times at those hospitals wasn’t just a direct consequence of the breach – they were also impacted by doctors and nurses adjusting to IT changes that the hospitals implemented to recover from the breach, according to the researchers.
“In spending time in a lot of different health care organisations, what we saw in terms of reactions to breaches was rather predictable – that is, installing better security controls,” Eric Johnson, dean of Vanderbilt University’s Owen Graduate School of Management who co-led the study, told PBS.
Hospitals have been repeatedly targeted by ransomware hackers, who seize sensitive patient data or hack into hospitals’ IT systems and hold it for ransom. The number of ransomware attacks more than doubled in the first quarter of 2019 compared to the year prior, according to McAfee Labs.
The solution that researchers suggest is to invest more in data security and standardize how all hospitals store patient data. The department of Health and Human Services has issued voluntary cybersecurity practices for hospitals but doesn’t enforce clear standards across the industry – researchers say that such regulation is needed.
“We are not aware of formal regulations … even though poorly implemented electronics health records (EHR) have been associated with safety concerns,” the researchers wrote. “Protecting health information is an important responsibility of all parties in the health care industry.”
Business Insider Emails & Alerts
Site highlights each day to your inbox.