Stillwater Medical Center: another breach, another shutdown
by Kapua Iao
Stillwater Medical Center, which operates in Oklahoma, is the latest healthcare provider to become a victim of a data breach. The health system operates several care sites, specialist offices, hospitals, and clinics.
The cyberattack affected all Stillwater facilities.
Research shows that such attacks will more than likely continue, and likely increase, throughout 2021. These problems can be dire for healthcare providers, which are tasked with balancing patient care and HIPAA compliance.
Stillwater first noticed problems with its computer systems on June 13. The IT team quickly gauged the situation as a cyberattack.
According to a news release, “[Stillwater] immediately took steps to ensure the security of [its] environment, launched an investigation with the assistance of a computer forensic firm, and notified law enforcement.”
Local news dubbed the incident a “major computer outage,” stating that the emergency room had to be shut down for several hours early in the morning on June 14. Stillwater diverted ambulances to other hospitals.
After initial interruptions, Stillwater continued taking patients, although the healthcare provider canceled and rescheduled some appointments. Moreover, some patients were told to call 911 instead.
All facilities are currently operating, although the health system's electronic health records (EHR) system is still experiencing downtime. Its phone system, patient portal, and app/email system work only intermittently.
At this time, there is no evidence that patients’ protected health information (PHI) was compromised. Stillwater has provided no recent update and has yet to confirm the type of breach.
Cyberattacks plague healthcare
The Stillwater breach is similar to those at the University of Florida Health hospitals as well as hospitals in Ireland and New Zealand. Recent Check Point data shows that cyberattacks, particularly ransomware, continue to afflict healthcare providers.
Ransomware is malware (malicious software) used to deny a victim access to a system until a ransom is paid. A simple click can give a hacker access to data for encryption, exfiltration, and ransom.
The healthcare industry is one of the most targeted sectors for ransomware because PHI is lucrative and because the urgency of restoring service is high when patients' lives may hang in the balance. According to 2020 statistics, ransomware attacks caused organizations about 15 days of EHR downtime.
Ransomware attacks have become so common that the U.S. government has released several statements about the problem, calling these incidents a ransomware epidemic.
Stillwater was more than likely hit with ransomware and may have a long recovery. We won’t know anything more until the investigation concludes.
Protect and fortify—cybersecurity is essential
Prevention and preparation are vital in combating cyberattacks. Organizations must adopt a multilayered approach.
For healthcare providers, this means taking several measures to protect all systems and networks, endpoints, employees, and patients, all while remaining HIPAA compliant.
First and foremost, covered entities and business associates must have a solid business continuity plan in place along with proper backup and recovery processes in case of a breach.
Necessary security methods include:
- Employee awareness training
- Access controls
- Physical safeguards
- Antivirus and antimalware software
- Endpoint security
- Network segmentation
- Prompt patching and updates
The best tactic is a zero-trust approach, in which every person and every device that accesses a network is treated as a potential threat until verified. Breaches like the one at Stillwater are sadly inevitable, which is why protection and prevention are necessities.