What the massive healthcare cyberattack at Ascension means for your privacy and security

Ascension, one of the largest health systems in the United States with 140 hospitals, faced a significant cyberattack that disrupted its operations. It was reported that the attack caused patient record systems to go offline, forcing medical staff to resort to paper records. This event is a stark reminder of the vulnerability of America’s healthcare system to cyber threats.

Credit: Ascension

 

What was the Immediate impact of the cyberattack?

The aftermath of the cyberattack was immediate and disruptive. Emergency crews had to divert patients to other hospitals, and staff had to implement manual workarounds. Essential systems like MyChart, phone services, and electronic ordering for tests and medications were affected. The company has had to delay some elective procedures and appointments, urging patients to come prepared with detailed notes on their conditions.

Credit: Ascension

 

MORE: 5 BEST TELEMEDICINE APPS FOR VIRTUAL HEALTHCARE 

 

Ascension’s response

Ascension’s response was swift, with an investigation launched to determine the extent of the breach. The health system, which is based in St. Louis, has not provided a timeline for service restoration but has assured us that they are working diligently to resolve the issues. Nurses and staff have had to adapt quickly, facing challenges such as accessing electronic health records and using devices like glucometers that rely on electronic identification systems.

 

MORE: HOW GENERATIVE AI COULD CUT HEALTHCARE COSTS AND DEVELOP NEW CANCER DRUGS 

 

Cybersecurity in healthcare

The recent security failures in hospitals have been likened to car owners leaving their keys on the seat with the door unlocked. The American Hospital Association supports voluntary cybersecurity goals but has expressed concerns over mandatory measures proposed by the Biden administration. They argue that such requirements could unfairly penalize hospitals for vulnerabilities introduced by third-party technologies.

 

MORE: A DAD’S LIFE-SAVING INVENTION IS INSPIRED BY HIS WIFE’S NEAR-DEATH ORDEAL  

 

The bigger picture paints a concerning trend in healthcare 

This cyberattack is not an isolated incident. It follows a concerning trend of increased cyber threats to U.S. medical systems. Just recently, Change Healthcare suffered a similar fate, which had widespread repercussions across the healthcare industry. The Ascension hack, while smaller in scope, directly impacted systems crucial for patient care.

An Ascension spokesperson provided this statement which is posted on the non profit’s website.

Safely caring for patients remains our highest priority as we navigate this cybersecurity incident. We are actively supporting our ministries as they continue to provide safe, patient care with established downtime protocols and procedures, in which our workforce is well trained. It is expected that we will be utilizing downtime procedures for some time.

You can read the company’s entire statement here.

 

8 proactive steps to take in the face of healthcare cyberattacks

In the wake of the cyberattack on Ascension, consider taking several proactive steps to protect your personal information and prepare for potential disruptions in healthcare services:

1) Stay informed: Keep up-to-date with the latest news from Ascension and other reliable sources to know the status of the systems and services.

2) Personal health records: Maintain personal health records saved on your own devices or printed out, including a list of medications, allergies, past surgeries, and other relevant health information. This can be invaluable if electronic health records are temporarily inaccessible.

3) Emergency preparedness: Have a plan for medical emergencies that includes knowing alternative healthcare facilities and understanding how to reach them if your primary hospital is affected. For example, my nearest emergency department recently had a waiting time of several hours, while a top hospital an hour away could see many patients within minutes.

4) Cybersecurity best practices: Practice good cybersecurity hygiene by using strong, unique passwords for online accounts. Consider using a password manager to generate and store complex passwords. Also, enable two-factor authentication where available.

5) Vigilance against phishing: Be extra cautious of phishing attempts, as cyberattacks often lead to an increase in phishing emails and calls, trying to exploit the situation. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. 

My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (85% off) for the TotalAV Antivirus Pro package.  

Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

Best Antivirus Protection 2024

6) Contact healthcare providers: If you have appointments or procedures scheduled, contact your healthcare provider to confirm or reschedule as needed should a cyberattack disrupt normal operations.

7) Patient portals: If you use patient portals like MyChart, monitor them for updates regarding your medical records and communication with healthcare providers.

8) Data breach response: In case of a data breach, be ready to follow instructions from Ascension or any affected medical provider regarding credit monitoring or other protective measures.

By taking these 8 steps, you can help safeguard your personal health information and ensure better continuity of care during cyber-related disruptions.

 

Kurt’s key takeaways

The cyberattack on Ascension underscores the urgent need for stronger cybersecurity measures in healthcare. With the White House pushing for “mandatory minimum” cybersecurity standards, it’s clear that voluntary measures are no longer sufficient. The healthcare industry must prioritize cyber security to protect against such threats and ensure the safety and privacy of patient data. For us as patients, we need to have a backup plan and keep track of our medical records as much as possible.

What role should government agencies play in bolstering cybersecurity measures within private healthcare systems? Let us know in the comments below. 

FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.

Related posts

Best last minute holiday gifts

Understanding brushing scams and how to protect yourself

From TikTok to trouble: How your online data can be weaponized against you