Reducing cyberattacks on Canadian health systems

“Preventing cyberattacks involves navigating trade-offs between keeping workflows efficient and reducing risk amid threats that are growing in frequency, severity and sophistication.”

Cyberattacks targeting health information systems can cause considerable damage and stress, but there are ways to reduce the risk of these events, write authors in CMAJ (Canadian Medical Association Journal).

“With respect to cybersecurity, a bit of prevention is worth a terabyte of cure,” writes Vinyas Harish, MD/PhD candidate at the University of Toronto’s Temerty Faculty of Medicine, with coauthors, in an article outlining the impact of cyberattacks on Canadian health information systems and how clinicians in hospitals and individual clinics can improve their cybersecurity practices.

This advice is particularly relevant, with several hospitals in southwestern Ontario reporting a recent cyberattack that has caused substantial disruptions in patient care.

The authors outline stages to help navigate cyberattacks, based on the US National Institute of Standards and Technology’s Cybersecurity Framework:

• Prevention – be vigilant for phishing emails, use strong password and 2-factor authentication, ensure adequate network protection and other actions. This includes creating a cyberattack plan to use in case of an event.

• Detection – use antivirus software and be alert to suspicious activities, such as barred access to files, installation of unrecognized software and more.

• Response – immediately disconnect devices from the Internet, activate your cyberattack plan and notify individuals affected by the attack.

• Recovery – this depends heavily on having health information systems that allow for restoration from back-ups, ensuring external vendors help with data recovery and conducting an internal debrief on the response.

“Preventing cyberattacks involves navigating trade-offs between keeping workflows efficient and reducing risk amid threats that are growing in frequency, severity and sophistication. As national and regional policies develop, health organizations, practices and individual clinicians must take a proactive approach to improving their cybersecurity posture,” the authors conclude.

“Cyberattacks on Canadian health information systems” was published November 20, 2023.

Search for an article

21st Annual Nursing Hero Awards

21st Annual Nursing Hero Award

Survey shows progress in primary care access as Nurse Practitioners help close gaps

The Cost of Inaction: Why the OHA’s Resistance to Staffing Ratios Defies Logic

Are You From The 72% of Caregivers At Home Who Are Burnt Out? This Message Is For You….

Toronto hosts global forum advancing assistive technology in ALS care

Reimagining hospital care for an aging population

CABHI’s Ignite Program Now Open to Drive Innovations in Aging and Brain Health

There is a burnout crisis among LTC workers – trauma-informed workplaces are a solution