Over 100 Total Lots Up For Auction at Two Locations - WA 11/05, PA 11/06

COVID 'year three' brings a perfect storm to healthcare security

March 28, 2022
Health IT
Damian Chung
By Damian Chung

As we head into year three of the pandemic, COVID management continues to consume a majority of healthcare resources. As a side effect, many elective surgeries over the last two years have been put on hold in favor of treating COVID patients. Elective procedures are where most medical institutions make their margins—and this shortfall is ultimately impacting budgets for IT and security advancements.

From March to May 2020 alone, hospitals lost more than $20 billion in revenue when the first phase of the pandemic led to an unprecedented nationwide shutdown in elective surgeries. “Elective” surgeries may include cosmetic as well as time-sensitive procedures—such as screenings, biopsies, hernia repairs, and valve replacements—where delays can worsen the chances of disease morbidity and even patient mortality. The projected recovery time for these postponements ranges anywhere from 4 to 164 months, depending on the institution.

But those losses didn’t stop with that first intense wave of COVID. By some estimates, healthcare organizations in the U.S. continued to lose an estimated $54 billion in net income in 2021 with more than a third of U.S. hospitals maintaining negative operating margins.

Ransomware ratcheting up healthcare risks
Simultaneous to less revenue being generated, ransomware attacks against healthcare systems have spiked during the pandemic. Cybercriminals have been callously opportunistic about leveraging the circumstances of a mass disaster for their personal enrichment. Two-thirds (67%) of healthcare delivery organizations report having been victims of ransomware; another one-third say they’ve experienced two or more attacks.

The healthcare industry also sustained the highest average cost of a data breach for the eleventh consecutive year. The average total data cost for a healthcare breach increased by nearly one-third year-over-year—from $7.13 million in 2020 to $9.23 million in 2021. The damages done by a successful attack drive a hospital into an even deeper budgetary crisis. Ireland’s healthcare system is still recovering from a widespread ransomware attack that happened last year—with a total cost projection of more than $100 million. Closer to home, a massive cyberattack last May cost a major California healthcare provider $112.7 million, with lost revenue-bearing most of the cost. But financial losses aren’t even the worst potential outcome to worry about.

You Must Be Logged In To Post A Comment