With countless patients and private data, the healthcare industry needs IT security.

One of the greatest fears of Australian Practice Managers is arriving to work in the morning to find the IT system is down for the foreseeable future. For situations like this, it is vital to have a data recovery plan that will eliminate the downtime created by unexpected IT outages and to mitigate against data loss. Data recovery and backup plans are rarely considered when most practices allocate their annual budget.

The business consequences for not having a data recovery plan in place are severe. Patient services are delayed as health professionals have little to no access to patient information, which creates an environment where both the patients and healthcare professionals feel frustrated and confused. Due to the inherent reliance on technology in modern practices, it is very difficult to plan for situations where technology will not be available. That is why disaster recovery plans and data backups are vital, they give everyone a very clear plan of action to avert a system shutdown.

In May 2017, England’s National Health Service (NHS) was the victim of the WannaCry mass ransomware attack. The security breach infected the system through malware that spread throughout the NHS network before encrypting system files and withholding them from the user until a ransom was paid. The result of this breach was an estimated 19,494 appointments affected, with 6,912 appointments, including operations were cancelled, and at least 139 people, some with severe illnesses, also had urgent referrals cancelled.

The identifiable cost to the NHS from the attack on May 12 2017, reached $314,000. The NHS still doesn’t know the total cost of the disruption to its services however, costs did include cancelled appointments, additional IT support provided by local NHS bodies and the cost of restoring data and systems affected by the attack. Furthermore, national and local NHS staff worked overtime including the weekend to resolve problems and to prevent a fresh wave of organisations being affected by WannaCry on Monday 15 May 2017.

The 2017 WannaCry attack on the NHS is believed to have been avoidable. According to the NHS, the security breach was a result of a failure to upgrade old computer systems at a local level. Many offices were running unpatched and unsupported software on their systems and, could have prevented the attack simply by following basic IT security best practices.

Closer to home, there are constant phishing attacks designed to replicate some of the most well-known Australian companies such as Telstra, Australia Post, Xero, and the ATO. The risk of an IT disaster in the healthcare industry goes far beyond just the financials. Professionals and practices stand to take a hit to their reputation, but more importantly, they can leak very sensitive patient data that can have severe legal consequences. Without strong security and data backup protocol, healthcare professionals can affect patient outcomes and the loss of revenue and trust of its patients.

New technology continues to enhance the patient experience and level of care that can be provided, but it also creates vulnerabilities that can allow for cyber-attacks and the potential for lost or stolen data. With CT, healthcare providers can have peace of mind knowing that their practice and patients are protected against the kinds of disasters that would have previously shut down their business.

There’s no doubt that the healthcare industry needs IT security.