News
Article
Author(s):
With cyberattacks on medical institutions on the rise, CURE® spoke with an online security expert about steps patients should take if they believe their data has been exposed.
Health care organizations are increasingly under informational attack, with researchers reporting in a study of 374 ransomware attacks. The study, published by JAMA Health Forum, notedthat the annual count of ransomware attacks on health care delivery organizations was more than doubled from 2016 to 2021, in turn exposing the personal health information of 42 million patients.
The Change Healthcare unit of UnitedHealth Group, the largest billing and payment system in the country managing a third of all patient records in the United States, was struck by a cyberattack in February, according to The New York Times.
David A. Jaffray, chief technology and digital officer of The University of Texas MD Anderson Cancer Center in Houston, spoke with CURE® about what patients can do if they suspect that their data security has been compromised.
“We benefit from people who are concerned about any risks to their data when they reach out to us, it's very helpful for us to hear that from them if they have any concerns that maybe it has come from Anderson,” Jaffray said. “We do a very deep dive on every one of those [instances] because it is like a canary in the coal mine: Is there something that we can be doing to further increase our security and management of private information? We're very rigorous in this regard.”
“Your most critical digital systems, like your banking, like your credit cards, those kinds of things are, in my mind, a first go-to, to make sure that nothing has been tampered with,” said Jaffray. “Do get on a phone with them directly, make sure that the credentials haven't been changed [and that] there has been no change to their underlying information.”
Furthermore, Jaffray urged patients to contact their employer to make sure no financial information has been altered in that regard, either.
“Make sure someone hasn't gone in and changed your banking [and] payment information, [which is a] very common trick, we see the attempts at that quite often,” he said. “And so, these kinds of sort of critical parts to your life progressing — payment, banking, credit, taxes, for example, it's a really good idea to roll your passwords and then at the same time, go in and make sure that those pieces and the systems don't have changes in critical reporting information. … Once you do that, then at some level cyber criminals back to ground zero, they don't have the credentials necessary.”
Here are additional steps a patient can take if they suspect their medical record has been compromised, according to Jaffray and the team at MD Anderson Cancer Center:
For more news on cancer updates, research and education, don’t forget to subscribe to CURE®’s newsletters here.