By Jeff Wardon, Jr., Assistant Editor

Cyberattacks are only growing in number and frequency, especially with healthcare facilities. These attacks are known to cause private records and sensitive information to be exposed. However, there are far more to cyberattacks than just the digital aspects, as the real world can be affected, too. In addition, vital processes and functions of healthcare facilities can be shut down entirely. 

According to The HIPPA Journal, two hospitals and several clinics in Idaho were recently affected by a cyberattack, with one clinic shutting down services. 

This cyberattack was officially detected on May 29, 2023. Ambulances had to be redirected to other facilities and, at the time, it was unclear how long the network problems would persist. The two hospitals, Mountain View Hospital and Idaho Falls Community Hospital, remained in operation with staff recording patient information by hand. However, the Mountain View Redicare clinic was temporarily shut down while the aftermath of the cyberattack was being dealt with. No information on what kind of cyberattack occurred was released at the time of detection.  

Often when these attacks happen, they are viewed as isolated events with no larger ramifications for linked or even non-affiliated healthcare facilities. The reality is that these facilities are all connected, whether directly or indirectly. One cyberattack can have ripple effects well beyond the target. 

To explain, several clinics that were affected by the May 29 cyberattack happened to be run by one operator. With one clinic being struck, it ended up rippling into other clinics in the same network. This is an example of a direct effect. 

On the other hand, the hospitals had to divert ambulances to other facilities since they could not reliably provide care. This leads to other hospitals or healthcare facilities having to deal with an influx of patients, and they may not be equipped to handle it. This is an example of an indirect effect. 

Additionally, a recent study found that cyberattacks can disrupt both the organizations they hit and the neighboring hospitals’ emergency departments. The results of this are longer wait times and delayed care for patients at the affected hospitals.  

Unsurprisingly, a single cyberattack can wreak havoc on a local community’s health systems. Given that, a healthcare facility’s cybersecurity is integral to mounting a sufficient defense and weathering the effects.  

Unfortunately, there is a shortage of cybersecurity professionals in the healthcare field.  

In normal conditions, proper cybersecurity acts like a town gate staffed with guards, protecting the town (or in this case the systems of healthcare facilities) from harm. However, with that gate left both wide-open and unguarded, they are left vulnerable to attacks. In other words, cybersecurity is the main defense against cyberattacks. When left unattended, those defenses are soon broken through. 

Overall, cyberattacks can create a perfect storm of problems for healthcare facilities to overcome. The effects, while both digital and physical, are felt equally as much across the board. Healthcare facilities need to be prepared for the possible cyberattack, because if not, they can be left reeling from the aftermath.  

Jeff Wardon, Jr. is the assistant editor for the facilities market.