Prevention key to cutting cyberattacks in hospitals, protecting patients: researchers
Hospitals must do more to protect patients' personal data from cyberattacks that can lead to disruptions in care, urges an article published Monday in the Canadian Medical Association Journal.
About 16 separate cyberattacks have occurred at health organizations across the country since 2015, but more go unreported, said lead author Vinyas Harish, a medical student at the University of Toronto and Unity Health Toronto.
Publicly funded systems are lucrative targets for hackers who may demand a ransom for patient information that could be sold on the dark web, says the article, co-authored by three Unity Health Toronto doctors with expertise in the use and management of medical information and another at the University of British Columbia.
Harish noted that a ransomware attack on five Ontario hospitals last month forced an unknown number of patients, including those that needed cancer treatment, to be diverted to another site because their medical records may have been inaccessible. Some data, such as lab results, would have been available through other shared electronic sources.
Clinicians who access medical records should be trained annually to recognize phishing attempts hackers use to install malware that can infect a system and encrypt data, he said.
"I think sometimes the risk that we run is people sort of rolling their eyes and looking at this as just another thing that they need to do on top of their busy clinical practice and all the documentation that they need to do to take care of patients."
The call for action comes as a national standard for cyberattack measures on health organizations is set to be released next week.
Funded by Public Safety Canada, it was developed by the Digital Governance Standards Institute and HealthCareCAN, which represents hospitals and health-care organizations.
"The main driver of all this is that we saw that too many of our health institutions in Canada were being attacked," said HealthCareCAN president Paul-Emile Cloutier.
"If there's no framework, if there's no planning -- which the standards will talk about -- that's when you're really in a mess," he said of the standards, expected Nov. 29.
"Anything that has to do with a cyberattack is not an IT issue. It's a governance issue. So, that means everyone in the organization should be made aware of what needs to be done to prevent it because often there's an error from a person in the hospital that triggers a cyberattack," said Cloutier.
Harish urged hospitals, labs and clinics to stop relying on older systems that have outdated security measures and use two-factor authentification and strong passwords.
When an attack does occur, staff should respond immediately by taking measures such as disconnecting devices from the internet, restoring systems from backups and getting help from external vendors, said Harish, who also has a computer science degree.
Yvette Coffey, president of the Registered Nurses Union Newfoundland and Labrador, said an October 2021 cyberattack paralyzed a primary network shared by all four regional health authorities. Some surgeries, lab tests and appointments were cancelled, adding to delays caused by the pandemic.
"When it happened, we basically went back to pre-1980s, with no access to patients' data or medical records. Emergency surgeries had to go ahead but even that was difficult because they had to produce a paper chart," she said.
"It was difficult to find a lab requisition and X-ray requisitions. We couldn't even call patients to say, 'Sorry your surgery is cancelled' because we didn't even have their phone number."
A provincial report in March said the credentials of a legitimate user had been compromised to access records of current and former patients going back to 1996. The breach revealed names, addresses, health care numbers, diagnoses, procedure types, email addresses and banking and financial information. Hackers obtained the social insurance numbers of 2,514 patients.
Sami Khoury, head of the Canadian Centre for Cyber Security, encouraged health organizations to report cyberattacks so more can be learned on a national level.
"Maybe it's one ransomware group that is going after all hospitals, or it's just a target of opportunity. We need to share a lot more about that ransomware group so that hospitals can protect themselves."
This report by The Canadian Press was first published Nov. 20, 2023.
CTVNews.ca Top Stories
BREAKING Canada's jobless rate jumps to near 8-year high of 6.8% in November
Canada's unemployment rate rose more than expected to 6.8 per cent in November, a near-eight-year high excluding the pandemic years, even as the economy added a net 50,500 jobs, data showed on Friday, likely boosting chances of a large interest rate cut next week.
3 climbers from the U.S. and Canada are believed to have died in a fall on New Zealand's highest peak
Three mountain climbers — two from the U.S. and one from Canada — missing for five days on Aoraki, New Zealand's tallest peak, are believed to have died in a fall, the authorities said Friday.
Salmonella cucumber recalls include products that may not be labelled: CFIA
The Canadian Food Inspection Agency has published an expanded pair of recalls for cucumbers over risks of salmonella contamination.
NEW Canada set to appoint Arctic ambassador, open new consulates as part of new Arctic Foreign Policy
Canada will appoint a new Arctic Ambassador and open two new consulates in the region to help deal with what it calls changing geopolitical dynamics in the Arctic, as part of its newly launched Arctic Foreign Policy.
Purolator, UPS pause shipments from couriers amid Canada Post strike
Purolator and UPS have paused shipments from some courier companies as they try to work through a deluge of deliveries brought on by the Canada Post strike.
Jasper family reunites with cat missing 100 days in the wilderness
Nicole Klopfenstein's four-year-old black and white tabby survived in the wilderness for more than 100 days after a ferocious wildfire forced the evacuation of the Rocky Mountain town of Jasper, Alta., this summer.
DEVELOPING Police scour New York for suspect two days after UnitedHealth executive gunned down
Armed with a growing file of clues, New York police on Friday were scouring surveillance videos and asking the public for help in their search for the masked assailant who gunned down a UnitedHealth executive on a Midtown Manhattan sidewalk.
opinion How will the weak Canadian dollar affect your holiday and travel plans?
As the Canadian dollar loses ground against major global currencies, personal finance contributor Christopher Liew explains how current exchange rates can impact your travel plans, and shares tips to help you plan smarter and protect your wallet.
The world has been warming faster than expected. Scientists now think they know why
Last year was the hottest on record, oceans boiled, glaciers melted at alarming rates, and it left scientists scrambling to understand exactly why.
Local Spotlight
Regina home recognized internationally for architectural design
Jane Arthur and her husband David began a unique construction project in 2014. Now, a decade later, their home in Regina's Cathedral neighbourhood has won a title in the Urban House and Villa category at the World Architecture Festival.
Calgary director Kiana Rawji turns her lens toward slums of Nairobi with 'Mama of Manyatta'
Two films shot in Kenya by a director and writer based in Brooklyn who grew up in Calgary are getting their Calgary premiere screening Saturday.
N.S. woman finds endangered leatherback sea turtle washed up on Cape Breton beach
Mary Janet MacDonald has gone for walks on Port Hood Beach, N.S., most of her life, but in all those years, she had never seen anything like the discovery she made on Saturday: a leatherback sea turtle.
'It moved me': Person returns stolen Prada bag to Halifax store; owner donates proceeds
A Halifax store owner says a person returned a Prada bag after allegedly stealing it.
'It's all about tradition': Bushwakker marking 30 years of blackberry mead
The ancient art of meadmaking has become a holiday tradition for Regina's Bushwakker Brewpub, marking 30 years of its signature blackberry mead on Saturday.
Alberta photographer braves frigid storms to capture the beauty of Canadian winters
Most people want to stay indoors when temperatures drop to -30, but that’s the picture-perfect condition, literally, for Angela Boehm.
N.S. teacher, students help families in need at Christmas for more than 25 years
For more than a quarter-century, Lisa Roach's middle school students have been playing the role of Santa Claus to strangers during the holidays.
N.S. girl battling rare disease surprised with Taylor Swift-themed salon day
A Nova Scotia girl battling a rare disease recently had her 'Wildest Dreams' fulfilled when she was pampered with a Swiftie salon day.
Winnipeg city councillor a seven-time provincial arm wrestling champ
A Winnipeg city councillor doesn’t just have a strong grip on municipal politics.