Hospitals besieged by ransomware attacks, hacker assaults on patients’ records

Hackers are wreaking  havoc on hospitals across the country with “ransomware” that locks up institutions’ computer systems until they pay off the miscreants. These high-profile incidents are just part of broader hacker attacks aimed at getting valuable patient information, experts say.

The latest incident targeted 10 hospitals serving hundreds of thousands of patients in the Washington, D.C. area. The hospitals were forced to cancel appointments and services, as they struggled through several days of attacks. They were reportedly limping back to normalcy.

This was one of several such incidents nationwide, in Kentucky, West Virginia, and California, and in Canada, too. A hospital in Los Angeles outraged many when it responded to a hackers’ attack that shut down its computer systems by paying a $17,000 ransom with bitcoins, a form of cyber currency. The hospital later said that tech experts, not paying the ransom, helped get the institution back to regular operations.

The FBI, which hasn’t inspired great confidence in the cyber community with its controversial battles with tech industry giants like Apple, has been called in,  in many of the hospital ransomware attacks.

While extreme for the harm that they could inflict on patients and their care, the ransomware assaults are part of a hack-edemic under way against health care enterprises, experts say. Evil-doers prize health and medical records because they contain invaluable troves of personal information that can be sold on black markets and exploited for nefarious gain. Doctors and hospitals, who were late to the party and resistant to electronic records, also haven’t been at the forefront of cyber security efforts and innovation─apparently they have been just the opposite.

I’ve written before about steps that patients can take to try to protect the privacy of their health records. But it’s clear that as technology races ahead, we’ve all to a war with callous criminals on our hands. Patients, caregivers, and hospitals have huge stakes, and need to work together. This includes, as has been proposed in California, seeking tough new laws to crackdown on cyber criminality.

Doctors, share those health files with patients

And speaking of those health records, a physician at Massachusetts General and Harvard Medical School has written an excellent piece, arguing that patients should pore over those documents and that doctors should readily share them.

The author says that too many errors creep into patient files, where they don’t get corrected and can cause harm; these problems have been worsened by the ease with which MDs can cut and paste information or drone on with irrelevant observations in electronic health records. He also makes an excellent case that physicians get a sharper, smarter view of their patients as flesh-and-blood people if they take the time to review their records with them, learning more and improving care.

I’ve written and advocated extensively  for patients’ rights to their records.  It’s ridiculous that doctors and hospitals have set up financial and practical barriers for patients to access what is theirs─information that can be critical to their own care.