In a recent survey conducted by Accenture and the American Medical Association (AMA), 83 percent of physicians reported that they had experienced a cyberattack at their practice.
Of those who experienced a cyberattack, 55 percent of the attacks involved phishing, and 48 percent involved computer viruses. Medium to large practices were found to be twice as likely as small practices to experience phishing and computer virus attacks. Approximately two-thirds of the attacks resulted in up to four hours of downtime.
“The important role of information sharing within clinical care makes health care a uniquely attractive target for cybercriminals through computer viruses and phishing scams that, if successful, can threaten care delivery and patient safety,” AMA President David O. Barbe said. “New research shows that most physicians think that securely exchanging electronic data is important to improve health care. More support from the government, technology, and medical sectors would help physicians with a proactive cybersecurity defense to better ensure the availability, confidentiality, and integrity of health care data.”
Eighty-five percent of respondents also said they believe that it is very or extremely important to share personal health data outside of their health system, but 83 percent said that HIPAA compliance alone is not sufficient and that a more holistic approach to evaluating and prioritizing risks is necessary.
“Physician practices should not rely on compliance alone to enhance their security profile,” Kaveh Safavi, head of Accenture’s global health practice, said. “Keeping pace with the sophistication of cyberattacks demands that physicians strengthen their capabilities, build resilience and invest in new technologies to support a foundation of digital trust with patients.”