This article is part of the “Practice Risk Solutions” series for regulated health professionals and health organizations, produced in partnership with BMS Group Ltd.
As the health industry migrates from paper-based to electronic clinical records, the risks associated with the collection, use and disclosure of personal health information changes. The requirements for electronic document security, encryption and transmission come to the forefront. The use of electronic repositories opens the door for cyberattacks and significant privacy breaches. With this change comes the need to identify organizational vulnerabilities and plan for them.
Digital risks to the health industry are real. Recently, one of Canada’s largest medical service companies was the subject of a ransom attack after hackers gained access to personal information of up to 15 million customers. A few months prior to this attack, three Ontario hospitals were subject to a malicious software attack. Last year, the U.S. Department of Health and Human Services issued a warning of a malware called “Ryuk” that threatened health care organizations. Ryuk is a type of malware that can remain invisible to average users for…