When we talk about healthcare breaches, people usually remember the big-name incidents: Anthem, Premera, Banner Health, and so on. Yet in reality there’s a huge number of smaller providers who are in the hackers’ sights and maybe don’t have the resources or expertise to adequately defend themselves. With ransomware threatening to shut down systems and impact patient care, the stakes have never been higher.
That’s why Trend Micro is a committed partner of HITRUST CyberAid: the first program to protect the records of patients of small health care providers and single practitioners. In fact, our products were the first to be rolled out as part of the program and are already helping protect key data and systems in small healthcare organizations (HCOs) around the country. Click here to watch more about the CyberAid program and hear insights from Senior Vice President and CIO at Children’s Health, Pamela Arora.
HCOs under fire
As we revealed in a recent report, Cybercrime and Other Threats Faced by the Healthcare Industry, North American HCOs are the most exposed in the world when it comes to internet-connected but unsecured devices. The report also explains how Electronic Health Records (EHRs) are in growing demand among cybercriminals. Why? Because they typically contain blend of information, including PII, medical, insurance and financial data. While the financial credentials can be reset and changed, personal identifiers and medical info has a much longer shelf life for the hackers and can be used to commit a variety of fraud, from filing fake insurance claims to getting hold of prescription drugs.
It’s no surprise that complete EHR databases can sell for as much as $500,000.
That’s not to mention the threat to hospital IT systems from ransomware which can have a major impact on service delivery and patient care. In fact, almost 80% of HCOs have suffered two or more security breaches, including records theft and ransomware, in the past two years.
Enter HITRUST CyberAid
HITRUST’s CyberAid program was launched specifically to help those HCOs which may currently be struggling to keep data and systems secure: physician practices with fewer than 75 employees. It combines network and endpoint security alongside end-user education, implementation, operations and support. The focus is on maximum protection for minimum cost – at just $25-$60 per user per year – and hassle-free maintenance, with zero ongoing administration and simple installation.
We’re proud to say Trend Micro has been supporting the initiative from the very beginning. Our cloud-hybrid network security appliance and endpoint security software were the first products to be approved by HITRUST; fulfilling the criteria for industry leading protection at low cost and with minimum fuss. In fact, we collaborated with HITRUST to customize our solutions specifically to meet the needs of CyberAid HCOs, and the results have been outstanding. Between October 20 and November 20, 2016 alone, each CyberAid participant was protected from 364 threats on average – that’s 12 potentially crippling ransomware, spyware, virus or other types of threat each day.
A hit with HCOs
The first partner organization in the HITRUST CyberAid program was Children’s Health, a pediatric healthcare system in North Texas which works closely with community physicians in the region. Given that these small practitioners comprise 40% of the healthcare community, the work of Children’s Health and organizations like it is vital to keeping cyber threats at bay in the industry. In fact, CIO Pamela Arora was recently presented with a prestigious 2016 Transformational Leadership Award by the College of Healthcare Information Management Executives (CHIME) for her efforts.
It’s early days, but we think CyberAid has the potential to transform the cybersecurity posture of small HCOs across the country, keeping patient data secure and key healthcare services up and running. That’s got to be good news all round.