Skip to main content
Greenway Health
Main navigation
  • Solutions
      • Greenway Solutions
          • Solutions by Product
          • NEW! Medical Coding
          • Cloud Bundle
          • Electronic Health Records
          • Practice Management
          • Revenue Cycle Management
          • Telehealth
          • Patient Engagement
          • Analytics
          • Interoperability
          • Clearinghouse Services
          • Care Coordination Services
          • Marketplace Partner Integrations
          • View All
      • Solutions
          • Solutions by Specialty
              • Cardiology
              • FQHC
              • OB-GYN
              • Orthopedics
              • Pediatrics
              • Primary Care
              • Surgery
              • Tribal Health
              • View All
      Past Webinar

      Breaking down the 21st Century Cures Act — what it means for your practice

      Read More
      Greenway Blog

      2023 Regulatory Updates: A Look Ahead

      View Details
  • Knowledge Center
      • Challenges
          • Data Security
          • Compliance and Reporting
          • Patient Care
          • Workflow Efficiencies
          • Profitability
          • Support and Training
          • MACRA: MIPS and APMs
          • Value-Based Care
          • View All
      • Knowledge Center
          • Resources by Type
              • Greenway Blog
              • Webinars
              • E-books
              • Case Studies
              • Infographics
              • Videos
              • View All
          • Resources by Topic
              • 21st Century Cures Act
              • Cybersecurity
              • EHR/EMR
              • Telehealth
              • Patient Engagement
              • Population Health
              • Regulatory
              • Revenue Cycle Management
              • View All
      Past Webinar

      Breaking down the 21st Century Cures Act — what it means for your practice

      Read More
      Greenway Blog

      2023 Regulatory Updates: A Look Ahead

      View Details
  • About Us
      • About
          • News
          • Events
          • Awards and Certifications
          • Award-Winning Clients
          • Greenway Champions
          • Greenway Engagement Model
          • Community Involvement
          • Careers
  • Cures Act Resources
Utility
  • Login
  • Support
  • Events
  • Careers
  • Contact
  • 877-932-6301

Free Consultation

greenway blog

Step up EHR security to prevent data breaches and ransomware

ransomware targeting healthcare
Thumbnail

Cyber threats swirl around healthcare practices. As conflicts mount overseas, the need to bolster EHR cybersecurity takes precedence.

This situation comes after growing cybercriminal organizations, combined with the COVID-19 pandemic, caused a sharp rise in breaches and healthcare ransomware attacks across the industry.

In this blog we explore why threats like breaches and healthcare ransomware attacks exist and what you can do to improve EHR cybersecurity for your practice.

“That’s what makes health records valuable — not always the record itself, but what you can do with the information.”
Brian Bobo, Chief Digital Officer, Greenway Health

The most valuable record

You probably know healthcare records are valuable to cybercriminals, but do you know why?

It’s not just the patient health information (PHI) the record contains, but the other information that accompanies PHI, such as addresses, birth dates, social security numbers, and even more obscure data such as insurance policy numbers, all of which someone can use to impersonate you.

“Or, that person can use it to send you a realistic phish email, knowing what no one else knows,” said Brian Bobo, Chief Digital Officer at Greenway. “That’s what makes health records valuable — not always the record itself, but what you can do with the information.”

ransomware in healthcare

The high cost of a record is what makes the average healthcare industry breach so expensive. In 2021, the average cost of a healthcare breach was $9.23 million, up 29.5% from $7.13 million the year before, according to the IBM Cost of a Data Breach Report 2021.

Meanwhile, the number of healthcare breaches continues to skyrocket. Attacks affected 45 million people in 2021, compared with 34 million in 2020, according to a report by Critical Insights based on U.S. Department of Health and Human Services (HHS) breach data. What’s more, the number has more than tripled since 2018, when it was 14 million.

Time to be vigilant about EHR cybersecurity

If cybercrime had been little more than a passing concern for your practice, now — in an era of rising global conflict — is the time to take threats seriously.

Here are a few steps your practice can take to prepare:

  • Review cyber awareness with employees
  • Scrutinize potential phishing emails
  • Look into cyber insurance, which may be hard to obtain, but can help a practice

Ransomware attacks on healthcare

Healthcare ransomware attacks have become more common in recent years, and in many cases have caused significant damage. At least 91 U.S. healthcare organizations fell victim to a ransomware attack in 2020, according to a May 2021 HIPAA Journal report.

This is compared to 50 healthcare organizations that fell victim in 2019. Ransomware is a variety of malware that uses encryption to block access to files until a ransom is paid. When healthcare ransomware strikes, it can slow systems and processes and put lives at risk.

Security in the cloud

Practices concerned about security may also consider moving from their on-premise server to a cloud-based solution, if they have not already.

“Practices with an on-premise server have responsibility for monitoring their software and systems,” Brian said. “If you move into the cloud, then we take a lot of that burden off of you.”

In general, practices with limited infrastructure and IT teams are better positioned to secure data using a cloud-based solution than on their own.

Some practices with an on-premise server may have concerns about internet access in rural locations, or be hesitant to overturn existing processes. “Your concerns about moving to the cloud are valid,” Brian said. “Everyone has unique issues. I would encourage you to talk to us and see what we can do for you.”

Still, the practice that remains with an on-premise server must consider the necessary investment in security, as well as what it will take to make sure everything is up and running. Here, the total ROI of going to the cloud may be considered. Securing on-premise technology comes at a significant additional cost to a practice — a cost it could avoid in the cloud.

Here are a few other benefits of the cloud:

  • Disaster recovery: If you’re concerned about hurricanes, tornados, or other disasters, you can rest easy knowing your cloud-based solution provides fault tolerance.
  • Maintenance: A cloud solutions provider can handle maintenance, sparing you hardware costs or the need to rely on local backups.                   
  • Version upgrades: With a cloud-based solution, you can stay up to date on both EHR software and operating systems releases, alleviating version issues or vulnerabilities.
  • 24/7 monitoring: Real-time monitoring accounts for operational and application performance and may be available to you via high-speed internet from anywhere.
  • System patching: Automatic application and service pack updates will not interrupt operations. As a result, you have fewer costs, as well as fewer tasks to manage, than with an on-premise server.
  • Secure servers: You can use systems that protect you from cybercriminals, malware, and other threats.
healthcare ransomware

Focus on what you do best

“Your concerns about moving to the cloud are valid. Everyone has unique issues. I would encourage you to talk to us and see what we can do for you.”
Brian Bobo, Chief Digital Officer, Greenway Health

There aren’t many small practices that can manage security and hardware requirements as well as a cloud service. A cloud-based EHR provider can go above and beyond when it comes to security, with best of breed systems to prevent, detect, and isolate attacks.

“As a small practice, or even a big practice, your business is providing healthcare,” Brian said. “Let us take care of technology so you can focus on providing great care to patients.”


how to prevent ransomware in healthcare

Learn more about EHR cybersecurity with our best practices guide to securing patient data.

Get the guide

Related Solutions

Fully bundled, cloud-based EHR and practice management solutions

A reimagined, cloud-based EHR in one, all-inclusive package*.

Learn More

Interoperability

Data connections that improve visibility across the range of care.

Learn More

Patient Engagement

Engage with patients beyond the office, without adding extra work.

Learn More

Discover more cybersecurity tips in our Knowledge Center

Thumbnail
Greenway Blog

Benefits of a cloud-based EHR vs. server: Which is best?

Read More
Thumbnail
Greenway Blog

Moving to a cloud-based EHR? Repurpose your IT Team

Read More
Thumbnail
Greenway Blog

Running outdated software? Upgrade your EHR now to boost security

Read More
Thumbnail
Quiz

Identifying the right healthcare IT partner for your practice

Read More
Visit our Knowledge Center

Social

  • Facebook
  • Twitter
  • Linkedin
  • Instagram
  • YouTube
Footer menu
  • Term of Use
  • Privacy Statement
  • Compliance
  • Careers
© 2023 All rights reserved. Greenway Health, LLC

Stay informed with Greenway Health’s latest news

Subscribe