Can Business Continuity and Disaster Recovery Help When Ransomware Disrupts Healthcare?

From recent high profile ransomware attacks such as the Hollywood Presbyterian Medical Center incident, we can see how ransomware has the potential to disrupt healthcare business to the extent that facilities need to send patients elsewhere.

The ransoms demanded, and unfortunately too often paid, typically pale in comparison to the reputational damage, business impact from the disruption, and having to send patients to other care organizations.

While effective backup and restore, with complete coverage, properly versioned, air-gapped, and regularly tested, has emerged as a key safeguard to mitigate risk of ransomware, it is far from a panacea. This is because even with this safeguard organizations still have to endure significant disruption, and having to roll back to the most recent backup risks undoing any updates since when the backup was done, and that can be a direct patient safety issue.

In a previous post I discussed 21 steps healthcare organizations can take to mitigate risk of ransomware.

One of these steps is to have Business Continuity and Disaster Recovery capability. This capability can include hot standby systems with near real-time data mirroring that can enable healthcare organizations to minimize disruption in the event of a natural or man-made disaster, including a ransomware infection. By properly isolating and protecting these hot standby systems with security safeguards organizations can ensure that ransomware can’t propagate to these systems, and that they are available to provide business continuity to healthcare organizations.

Intel Health & Life Sciences global research on the ransomware readiness of healthcare organizations, acquired as part of the Breach Security Assessment Program, shows that only 38 percent of healthcare organizations have fully implemented Business Continuity and Disaster Recovery capabilities, and 54 percent only partially have this capability. Do you have Business Continuity and Disaster Recovery capabilities fully implemented to help your healthcare organization avoid disruption in the event of ransomware infection, or other disasters?

How does your overall breach security compare? Find out more how you can work with Intel Health & Life Sciences and global healthcare industry partners to benchmark your breach security maturity, priorities and capabilities.