| The purpose of this research is to examine cyber threats to healthcare organizations in order to identify countermeasures to protect patient data. The cyber threat to healthcare organizations is a growing one. The examination of threats in this study include attacks on healthcare networks through connected medical endpoints, Internet-facing health data, device misconfigurations, and medical device vulnerabilities. The most important findings from this research are broken up into three themes: the extent of data breach impacts, cyberterrorism, and preventing cyber attacks. The impacts of cyber attacks range from significant financial burdens to patients losing trust in their healthcare providers. Wide-spread cyberterrorism attacks on healthcare networks are yet to be seen, but could be in the near future. Research suggested that cyberterrorists could cause injuries to patients by attacking medical devices and shutting down healthcare networks. Researchers have demonstrated the ability to compromise defibrillators and insulin pumps, potentially resulting in patient deaths. Literature suggests that healthcare organizations could reduce the risk of cyber attack by following cybersecurity best practices, implementing a defense-in-depth strategy, and participating in information sharing across the healthcare industry. This paper includes recommendations based on research for healthcare organizations to protect patient data. The infancy of cybersecurity in healthcare highlights the importance of future research. The limitations of this study provide the basis for future researchers to make advances in protecting patient data.;Keywords: Cybersecurity, PHI, cost, terrorism, hospitals, risk management, Professor Albert Orbinati. |
