Hospitals and other healthcare organizations must look for new ways to secure their data, but one area in their IT infrastructure is often overlooked: mainframe security. Ray Overby, co-founder and CTO of Key Resources, Inc., says that while the current healthcare environment has brought attention to the cybersecurity threats facing healthcare organizations, mainframes still fly under the radar.

With physician’s offices overwhelmed and, as a matter of safety, keeping in-office care limited to those who most need it, remote monitoring solutions can pick up signs and symptoms, track blood pressures, and more in the home—and often treat patients in the home as well.

The use of technology in healthcare has seen exponential growth. Artificial intelligence—in particular, machine learning—is gaining prominence throughout medicine, and is now being applied to enhance fetal and maternal safety in L&D.   

Locks on a building are irrelevant if an employee leaves a window open; similarly, cybersecurity protocol is irrelevant if medical personnel are not trained to ensure protection of the network. Like the continuous battle surrounding antibiotics and antibiotic-resistant pathogens, the fight between cybersecurity measures and hackers is also ongoing.

The growing wave of ransomware incidents that we saw toward the end of 2019 continued in 2020. Now, however, healthcare organizations are faced with a diabolical twist—in addition to the operational disruption, threat actors are now routinely stealing data and threatening to publish it online as an extra inducement for a ransom payment.

According to BDO’s 2021 healthcare digital transformation survey, respondents identified their top three areas of healthcare investment interest as telehealth (named by 75% of respondents, up from 42% in 2019), EHR interoperability (64%, up from 43%), and patient portals and digital messaging systems (56%, up from 50%).

Clinicians and other professionals who see patients on a daily basis aren’t necessarily thinking about cybersecurity from a patient safety standpoint. That makes password requirements, security education and training, and other requirements seem less directly connected to patient care and safety—even though they actually are integral to both.