USM Nursing Professor Emphasizes Importance of Cybersecurity in Healthcare

Thu, 07/11/2019 - 04:17pm | By: Van Arnold

Cybersecurity remains a paramount concern in fields such as healthcare where hackers use sophisticated methods to compromise patient data, medical devices and related subjects.

Just last month, the Food and Drug Administration recalled certain Medtronic MiniMed insulin pumps due to a risk of the devices being hacked.

At The University of Southern Mississippi, Dr. Marti Jordan, a visiting assistant professor in the College of Nursing and Health Professions, has been closely researching healthcare cybersecurity and the need for emergency preparedness. She is currently nearing completion of a Graduate Certificate Program in Health Informatics through the University of New England and has learned a great deal about cybersecurity as part of that program.

Jordan paints an alarming picture of how dangerous hacking can be to patients such as insulin pump users.

“Cyberattacks on the insulin pump can change the rate of delivery of the insulin dosage remotely and the patient might not even check it until he or she is having symptoms,” said Jordan. “If the patient becomes hypoglycemic (low blood sugar) because the hacker increased the rate of delivery of insulin, the patient could pass out and have seizures or become unconscious before knowing the pump rate had been changed. If the rate is decreased, he or she could experience hyperglycemia (high blood sugar) and then possibly develop a condition known as diabetic ketoacidosis (DKA).

“DKA is a life-threatening condition and one of the most serious complications of diabetes,” she added. “This requires hospitalization with IV fluid and electrolyte replacement, insulin replacement, and correction of metabolic acidosis. If untreated, this condition can lead to death.”

Jordan points out that the hacking of patient records is an annual occurrence. The 10 largest electronic health record data breaches from 2001 through 2018 ranged from 3.47 million to 78.8 million.

It is estimated that a cyberattacks occurs every 39 seconds. Healthcare data breaches reached record high levels in April of this year, affecting approximately 687,000 people. In the past five years, healthcare data breaches have impacted an estimated 80 million people 

“Most data breaches in healthcare have occurred because advances in technology have grown quicker than resources to protect the records,” said Jordan.

Resources include trained cybersecurity tech staff, updated software operating systems (facilities often still operate with legacy systems and patches no longer available), staffs trained about how to recognize scams that allow hackers to infiltrate the network through phishing scams, etc.

Jordan notes that healthcare organizations currently are the second-most attacked type of platform because those organizations store so much valuable information. Most information gained from healthcare data can be used to commit financial fraud (open bank accounts, credit cards, sabotage mortgages) or collect a ransom to secure cash.

As far as preventive measures, Jordan emphasizes that healthcare professionals should exercise awareness and vigilance. She explains that human error is responsible for up to 85 percent of cyberattacks.

Among the precautions Jordan recommends:

• Install patches to software
• Utilize strong passwords (at least eight characters)
• Don’t use recognizable words in passwords
• Don’t leave passwords out where people can see them
• Don’t click on links in emails
• Don’t answer emails you don’t recognize