How to Prepare for Data Outages in Healthcare

By Anthony Cusimano, CTO of Object First.

There is no sugar. cybercriminals are attacking the US healthcare industry. The FBI recently announced that healthcare experienced more ransomware attacks in 2022 than any other industry.

As healthcare professionals, the ultimate goal is to provide safe and effective patient care. Consistent and accurate access to electronic health records is a significant part of this goal, which could be compromised by any data breach. Once a threat actor is on the system, they can disrupt operations by decrypting data, locking or deleting files, and encrypting data until the ransom is paid. Healthcare organizations should be aware of the ransomware threat, regardless of the size of the facility, and plan to protect its data.

A serious threat

Healthcare has been in the spotlight as a target for ransomware attacks for some time. Ransomware attacks against US healthcare organizations more than doubled between 2016 and 2021. But now cybercriminal gangs are becoming more innovative, using new techniques to infiltrate networks, evade detection and encrypt files.

In February, the Healthcare Cybersecurity Coordinating Center warned healthcare systems about a new ransomware variant targeting the industry, MedusaLocker. The group took advantage of the COVID-19 pandemic to infiltrate and encrypt healthcare systems. Ransomware variants such as MedusaLocker, including Royal and Clop, make healthcare their primary target due to the wealth of personal information contained in these systems. In addition, healthcare organizations often have less robust IT/cybersecurity departments than other industries such as technology or financial sectors due to understaffing, lack of funds, and outdated technology.

But ransomware isn’t the only thing that can destroy a healthcare practice. Natural disasters, such as flooding or inclement weather, or human error, such as an employee accidentally deleting an important file, can happen just as unexpectedly. All hospital IT departments and independent practices should have a data backup and recovery program in place to protect sensitive electronic medical records and keep patient care running smoothly and securely. However, often these departments only have the resources to implement solutions that are not monitored in the background. Without a proper plan, this leaves them vulnerable when data outages occur.

While all of this may seem discouraging, actions are within our control. Consider these steps to be prepared in case of data outages.

One step forward

A solid data protection strategy is as easy as “3-2-1”. This is a simple way of saying that organizations should have three copies of their data stored on two different types of media, with at least one copy off-site in a completely different geographic location. Making sure your organization meets these requirements is an important first step.

There are also aspects of a recovery plan that any IT team member or company leader should be aware of. Recovery Point Objective (RPO) and Recovery Time Objective (RTO) are important details that determine how often a backup is performed (RPO) and how long it takes to bring all systems back online from the backup after the recovery process is implemented ( RTO). These goals will vary from business to business, depending on the volume of data and the needs and resources of the business. Regardless, it’s important to be aware of these metrics and find the right fit for your organization so that if a data failure occurs, you know how long it will take to get data back online and how much data will be lost forever. because it hadn’t been backed up yet.

Another way to prepare is to outline a comprehensive plan of action for your organization’s most likely data breach scenarios, including the roles and responsibilities of each key employee. For example, this may include compiling a list of contact information for relevant stakeholders who need to be aware of a breach or data loss, and assigning someone to handle this notification. It’s worth noting that all company information that may need to be accessed when responding to data outages should be stored on a separate system so that it is accessible in the event of an outage.

Finally, make sure you have the right data backup solution. All the planning in the world can only go so far if the data on the backup device has also been tampered with or is otherwise unrecoverable. That’s why it’s important to invest in immutable data backup. True immutable storage solutions ensure that files can never be modified or deleted as long as the immutability flag is set. When data is immutable, it is protected from threat actors, employee errors, or other potential data threats.

Suppose healthcare organizations devote only a fraction of their care to protecting their data when they treat their patients. They can avoid complex, time-consuming or expensive data recovery with this due diligence, ultimately improving patient care and preserving the organization’s reputation while reducing stress on their IT staff.

Work in the healthcare sector