Top Two Risks a Hospital Faces in a Malware Attack
In Part II of our Healthcare Matters series, What You Need to Know: Hospital Ransomware Attacks, we continue our conversation with Tom Andre, VP of Information Services at CAP, Inc., with a discussion of the risks and harms associated with a hospital being unable to access its computer system. Mr. Andre identifies two main risks: a risk to the facility’s reputation and, of course, a financial risk.
Hospitals and other companies and organizations will often try to avoid going public when hit with a ransomware or other malware attack. However, if the damage and disruption is great enough, this may not be possible. In the Hollywood Presbyterian Medical Center (HPMC) case, the hospital was unable to access records for several days, making publicity impossible to avoid. If medical records or patient financial information is compromised, hospitals will need to report this as well.
In addition to a risk to the hospital’s reputation, there is, of course, a financial risk associated with any type of malware attack. The amount of ransom paid out in the HPMC attack was only $17,000, not a very large amount. However, Mr. Andre pointed out that the hospital also lost productivity during the period its systems were down, which had to be made up once the system was fully functional again. See below to watch Part II of the series. To view the full interview, click here.