Lancaster Physician Winter 2020 - 35

WINTER 2020

Hackensack Meridian Health, which
operates 17 facilities in New Jersey including
hospitals, outpatient centers, nursing homes,
and a psychiatric care unit, paid an undisclosed
ransom to stop the attack.
An Alabama hospital group, DCH Health
Systems, is still recovering after it paid an
undisclosed amount to hackers who in October
used a ransomware attack to lock files and
damage systems.
DCH officials chose to pay the ransom,
saying they needed to do so "to expedite system
recovery and help ensure patient safety."
The FBI has recommended that victims
do not pay attackers, as paying the ransom
encourages more attacks. Also, there is no
guarantee that a payment will result in files
being restored.
Lancaster Physician reached out to representatives of Penn State Health, Penn Medicine
Lancaster General Health, WellSpan Health,
and UPMC Pinnacle to find out what the
health care systems are doing to keep their
computer systems safe and prevent cybercrime.
Penn State Health
According to Matthew Snyder, chief information security
and privacy officer for Penn
State Health, cybersecurity is
a significant issue for health
care providers.
"When you think about the potential
impacts and what we've seen happen in the
healthcare sector, it's very sobering," Snyder
said. "This threat poses new risks that did not
exist several years ago, to everyone from very
large organizations to very small organizations."
Snyder referred specifically to the 2017
WannaCry ransomware attack that affected
more than 60 entities within the United
Kingdom's National Health Service and spread
to more than 200,000 computer systems in
150 countries.

how cybersecurity risks are not limited to
geographical regions, and that cyberattacks
have no boundaries in cyberspace," he said.
A major risk to health care systems is that
an employee will unwittingly allow malicious
software to infect the computer system by
opening an attachment or link contained in
a phishing email.

Penn Medicine Lancaster
General Health
Cybersecurity is a team sport
at Penn Medicine, with every
employee encouraged to remain
vigilant of cyber threats as they
go about their daily work, said Dan Costantino,
Chief Information Security Officer.

"Email is a highly versatile and effective
attack vector," Snyder explained. "It's easy for
criminals to use and it's cheap."

"Information security at Penn Medicine is
everyone's responsibility and practicing good
cyber hygiene does not require intense training
to achieve," he said.

As technology advances and the threat of
cyberattacks increases, Snyder urged health care
providers to address cyber risk as they would
any other business risk.

Employees have a variety of resources
available for reporting suspicious behavior or
security incidents, and Penn Medicine employs
a layered approach to keeping its systems safe.

He advised everyone to consult Cyber Essentials, a document released recently by the U.S.
Department of Homeland Security. The report,
which contains six actionable steps intended
to help business leaders and IT professionals
reduce their cyber risk, is specifically intended
for smaller businesses and local governments
who don't have large amounts of money designated for cybersecurity.

"We continue to apply security standards,
process and technologies in all areas where risks
are present, while implementing monitoring
and response procedures that limit the impact
of cyberattacks in the event they are successful,"
Costantino said.

Because the health care industry wasn't
heavily affected by cyberattacks until several
years ago, its cybersecurity tends to lag behind
that of other industries, Snyder said.
"But, now health care is really waking up
and realizing we have to get ahead of this," he
said. "We're operating in a catch-up phase right
now with threats that continue to advance in
sophistication and persistence."
Penn State Health works diligently to assure
its computer systems are safeguarded and is
serious about cybersecurity.
"Cybersecurity is vital to the success of our
mission at Penn State Health, which is to
provide high quality care for our patients,"
Snyder said. "My team and I know that our
work impacts our patients and their care and
everything we do here."

"That incident interrupted health care
worldwide and is a good example of how serious
this problem has become. It also highlights

Additionally, Penn Medicine takes an evidence-based approach to strategic planning
and security safeguard implementations, and it
develops security strategies that are specific to
the organization and its business model. That,
according to Costantino, results in higher levels
of security and improved business enablement.
Costantino explained that, while most cyber
threats are common across all industries, health
care faces some unique challenges with its
use of connected medical devices and mobile
devices that support the practice of mobile
health, known as mHealth.
Connected medical devices, such as glucometers or heart rate and blood pressure
monitors that transmit health data from a
patient's home to health care providers, have
contributed to improved patient outcomes.
However, Costantino said, they are not without
security challenges, as they could be targeted
in a cyberattack or used as a conduit for entry
into a hospital network.
Continued on page 36

LANCASTER

35

PHYSICIAN



Lancaster Physician Winter 2020

Table of Contents for the Digital Edition of Lancaster Physician Winter 2020

Lancaster Physician Winter 2020 - 1
Lancaster Physician Winter 2020 - 2
Lancaster Physician Winter 2020 - 3
Lancaster Physician Winter 2020 - 4
Lancaster Physician Winter 2020 - 5
Lancaster Physician Winter 2020 - 6
Lancaster Physician Winter 2020 - 7
Lancaster Physician Winter 2020 - 8
Lancaster Physician Winter 2020 - 9
Lancaster Physician Winter 2020 - 10
Lancaster Physician Winter 2020 - 11
Lancaster Physician Winter 2020 - 12
Lancaster Physician Winter 2020 - 13
Lancaster Physician Winter 2020 - 14
Lancaster Physician Winter 2020 - 15
Lancaster Physician Winter 2020 - 16
Lancaster Physician Winter 2020 - 17
Lancaster Physician Winter 2020 - 18
Lancaster Physician Winter 2020 - 19
Lancaster Physician Winter 2020 - 20
Lancaster Physician Winter 2020 - 21
Lancaster Physician Winter 2020 - 22
Lancaster Physician Winter 2020 - 23
Lancaster Physician Winter 2020 - 24
Lancaster Physician Winter 2020 - 25
Lancaster Physician Winter 2020 - 26
Lancaster Physician Winter 2020 - 27
Lancaster Physician Winter 2020 - 28
Lancaster Physician Winter 2020 - 29
Lancaster Physician Winter 2020 - 30
Lancaster Physician Winter 2020 - 31
Lancaster Physician Winter 2020 - 32
Lancaster Physician Winter 2020 - 33
Lancaster Physician Winter 2020 - 34
Lancaster Physician Winter 2020 - 35
Lancaster Physician Winter 2020 - 36
Lancaster Physician Winter 2020 - 37
Lancaster Physician Winter 2020 - 38
Lancaster Physician Winter 2020 - 39
Lancaster Physician Winter 2020 - 40
Lancaster Physician Winter 2020 - 41
Lancaster Physician Winter 2020 - 42
Lancaster Physician Winter 2020 - 43
Lancaster Physician Winter 2020 - 44
Lancaster Physician Winter 2020 - 45
Lancaster Physician Winter 2020 - 46
Lancaster Physician Winter 2020 - 47
Lancaster Physician Winter 2020 - 48
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPFall21
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPSummer21
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPSpring21
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPWinter21
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPFall20
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LancasterPhysicianSummer2020
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPSpring20
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPWinter20
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPFall19
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPSummer19
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPSpring2019
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPWinter2019
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPFall2018
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPSummer2018
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPSpring18
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPWinter18
https://www.nxtbook.com/hoffmann/Lancaster_Physician/Fall2017
https://www.nxtbook.com/hoffmann/Lancaster_Physician/Summer2017
https://www.nxtbook.com/hoffmann/Lancaster_Physician/LPSpring17
https://www.nxtbookmedia.com