A hospital data breach can have tragic consequences
A data breach that affects any business can create turmoil, but when the breach hits a hospital it can have fatal consequences, according to a study detailed in Slate.
Researchers found a cyberattack or ransomware attack on a hospital can have a detrimental impact that goes beyond the immediate disruption. Slate cited an article published in Health Services Research (HSR).
The HSR study examined whether cybersecurity incidents were linked to higher death rates for patients. Researchers analyzed details about patients at about 3,000 hospitals between 2012 and 2016. They compared hospitals hit with security breaches against those that were not compromised.
Hospitals with data breaches experienced:
- A 0.23 percentage point jump in the likelihood of death two years after the breach
- A 0.35 percentage point increase in the likelihood of death three years after the breach
Researchers also found:
- Hospitals that experienced cyberattacks were slower in providing electrocardiograms to their patients than facilities that did not experience breaches.
- For every 10,000 heart attacks at a breached hospital, there were an additional 36 deaths beyond the expected fatality rate for people who suffer heart attacks.
Controversy about hospital data breaches
In 2015, a data breach affected McLean Hospital in Boston, exposing details about the health of over 1,500 people. The hospital reached a settlement with the attorney general’s office in Massachusetts. In addition to paying a $75,000 fine, McLean agreed to encrypt personal and health information on portable devices. The hospital took other steps to ensure the information was secure.
It would appear the settlement – designed to beef up network security in medical facilities – provided the best outcome for patients. Researchers concluded that security measures put into place after a breach had the unintended consequence of harming patients, however.
The authors of the study wrote, “The remediation activities to improve security in health IT systems following a breach introduce new changes into complex work environments, which may disrupt care processes and explain our findings of reduced quality.”
The Slate article questions the researchers’ conclusion, calling it “overly simplistic and shortsighted.” A hospital that experiences a security breach must implement measures to protect its sensitive systems and data. Failing to improve security measures could result in additional disruptions and possibly patient deaths.
How an attorney can help
A cyberattack against a hospital, without question, can have a devastating impact. That’s why medical facilities must ensure their data is protected. Like any business, hospitals need to beware of security breaches. Upgrading IT can be an inconvenience for workers, but failing to enhance security would be a negligent act that could give rise to a wrongful death lawsuit.
As experienced attorneys, we know that hospitals sometimes fail to take adequate measures to protect patients. They may fail to protect their systems against dangerous malware.
When a patient is harmed as a result of negligence, hospital administrators and the insurance companies often deny any wrongdoing. If you or a loved one was a victim of hospital negligence, you don’t have to go it alone. Contact Tyrone Law Firm today to find out how we can help.