Hospitals face cybersecurity risks in surprising new ways

June 17, 2022

While ransomware attacks have been stealing the headlines, threats can come from many sources making it critical for healthcare organizations to have a comprehensive cybersecurity strategy.  


Cyber threats take many forms and while the degree of sophistication can vary, every cyberattack has the potential to impact the availability, integrity or confidentiality of your system and the data within it.  Cyber threats can happen anywhere within your organization or sneak in through third-party vendors.

Ransomware attacks are currently the number one threat to healthcare organizations. More than half of healthcare organizations were hit by a ransomware attack in 2021 and of those, 66% said the cybercriminals were successful in encrypting their data. Ransomware threat actors are getting more sophisticated and the cost to retrieve sensitive data from cybercriminals is rising.

While ransomware attacks have been stealing the headlines, threats can come from many sources making it critical for healthcare organizations to have a comprehensive cybersecurity strategy.  During a February 16, 2022, HealthLeaders webinar, Securing the Healthcare Enterprise in ‘The New Normal’, presenters Christine Wheaton, Chief Privacy and Security Officer at Henry Ford Health in Detroit, MI and Jacqueline Sullivan, VP of Security Operations Coordination for Minneapolis-based U.S. Bank, discussed some strategies that organizations can use to protect against cyber threats.


1. Comprehensive training

Tried and true cybersecurity practices still hold up. Make sure your workforce is getting periodic cybersecurity safety training and ensure staff members are aware of the risks around the data.


2. Proactive practices

When looking at a new solution, a new medical device, even a new web application solution, make sure your security and risk experts are involved from the start.  As part of the evaluation, your security and risk team can identify potential vulnerabilities and determine if they can be addressed.


3. Identify your weaknesses

Every organization has a unique environment with its own vulnerabilities. Establish a workflow between your security team who are identifying vulnerabilities and determining risk and your IT teams who manage the assets and who can remediate.


4. Vet your vendors

Ensure that third party vendors have adequate cybersecurity measures in place. Conduct a supplier risk assessment to identify potential areas of risk with third party vendors and the fourth party vendors that provide services and supplies to them.

For more information, read our guide to Protecting your healthcare organization from cyber criminals   featuring additional insights from Christine Wheaton and Jacqueline Sullivan.


Tyler Eppley is the vice president of healthcare payment solutions at U.S. Bank and has worked exclusively with providers for more than 15 years to optimize revenue cycle operations and improve the patient experience.

Related content

Dear Money Mentor: How do I set and track financial goals?

How to avoid being the victim of a digital payments scam

Dear Money Mentor: What is cryptocurrency?

Tailor Ridge eBill case study

How to keep your assets safe

Webinar: How to stay safe from cyberfraud

Want AP automation to pay both businesses and consumers?

Automate accounts payable to optimize revenue and payments

What is Medicare? Understanding your coverage options

Overcoming the 3 key challenges of a lump sum relocation program

Learn to spot and protect yourself from common student scams

Real-time payments: the next major treasury disruptor

Colleges respond to student needs by offering digital payments

Risk management strategies for foreign exchange hedging

3 ways to adapt to the new payments landscape

Allowance basics for parents and kids

7 things to know about long-term care insurance

Higher education and the cashless society: Latest trends

Cryptocurrency custody 6 frequently asked questions

Managing the rising costs of payment acceptance with service fees

4 financial considerations before changing jobs

Standardizing healthcare payments

How to spot an online scam

Consolidating payments for healthcare systems

How to prepare for healthcare costs in retirement

The connection between your health and financial well-being

Is a Health Savings Account missing from your retirement plan?

Is your employer long term disability insurance enough?

Tap-to-pay: Modernizing fare payments pays off for transit agencies and riders

Retirement expectations quiz

Small business growth: 6 strategies for scaling your business

Streamline operations with all-in-one small business financial support

Manufacturing: 6 supply chain optimization strategies

Healthcare marketing: How to promote your medical practice

Unexpected retirement expenses

6 timely reasons to integrate your receivables

Liquidity management: A renewed focus for European funds

5 questions you should ask your custodian about outsourcing

Enhancing the patient experience through people-centered payments

How COVID-19 is transforming healthcare payments

Ways prepaid cards disburse government funds to the unbanked

Restaurant survey shows changing customer payment preferences

Luxury jeweler enhances the digital billing and payment customer experience

4 ways to make practical use of real-time payments

How Everyday Funding can improve cash flow

Payment industry trends that are the future of POS

Modernizing fare payment without leaving any riders behind

Access, flexibility and simplicity: How governments can modernize payments to help their citizens

Webinar: Approaching international payment strategies in today’s unpredictable markets.

Digital Onboarding helps finance firm’s clients build communities

10 ways a global custodian can support your growth

Insource or outsource? 10 considerations

4 strategies for coping with market volatility

Webinar: Mobile banking tips for smarter and safer online banking

How to choose the right custodian for your managed assets

Unexpected cost savings may be hiding in your payment strategy

Webinar: How to fight off fraud

Webinar: Protect yourself or your loved ones from elder fraud

Webinar: Digitizing receivables to transform B2B rent payments

Checklist: What you’ll need for your first retail pop-up shop

Authenticating cardholder data reduce e-commerce fraud

Benefits of billing foreign customers in their own currency

How AR technology is helping advance payment processing at Avera Health

Increase working capital with Commercial Card Optimization

Top tips for card payments optimization

Fraud prevention checklist

The mobile app to download before summer vacation

How mobile point of sale (mPOS) can benefit your side gig

P2P payments make it easier to split the tab

3 awkward situations Zelle can help avoid

3 steps to prepare for a medical emergency

How to plan and save for adoption and in vitro fertility treatment costs

When your spouse has passed away: A three-month financial checklist

What documents do you need after a loved one dies?

How to save money in college: easy ways to spend less

Checklist: How to gain financial independence from your parents

4 ways to outsmart your smart device

Money muling 101: Recognizing and avoiding this increasingly common scam

What you need to know about financial fraud

How you can prevent identity theft

Dear Money Mentor: How do I begin paying off credit card debt?

Myth vs. truth: What affects your credit score?

4 benefits to paying foreign suppliers in their own currency

Alternative investments: How to track returns and meet your goals

Improve government payments with electronic billing platforms

Emerging A/R solutions use artificial intelligence to target efficiency

ABCs of APIs: Drive treasury efficiency with real-time connectivity

Hospitals face cybersecurity risks in surprising new ways

How jumbo loans can help home buyers and your builder business

Higher education strategies for e-payment migration, fighting fraud

How real-time inventory visibility can boost retail margins

Webinar: Cash management strategies for higher education

Escheatment resources: Reporting deadlines for all 50 states

3 tips to maintain flexibility in supply chain management

5 steps you should take after a major data breach

Cybersecurity – Protecting client data through industry best practices

Why KYC — for organizations

The cyber insurance question: Additional protection beyond prevention

Post-pandemic fraud prevention lessons for local governments

How electronic billing platforms improve government payments

Rethinking common time management tips

How to apply for a business credit card

How a small business is moving forward during COVID-19

How to accept credit cards online

BEC: Recognize a scam

Fight the battle against payments fraud

The latest on cybersecurity: Vulnerability testing and third-party software

The password: Enhancing security and usability

Tactical Treasury: Fraud prevention is a never-ending task

3 timeless tips to reduce corporate payments fraud

Digital trends poised to reshape hotel payments

Three healthcare payment trends that will continue to matter in 2022

The surprising truth about corporate cards

Safeguarding the payment experience through contactless

Automate escheatment for accounts payable to save time and money

Understanding and preparing for the new payment experience

White Castle optimizes payment transactions

Collect utility and telecom bill payments faster

Protecting cash balances with sweep vehicles

Avoiding the pitfalls of warehouse lending

ABCs of ARP: Answers to American Rescue Plan questions for counties

4 tips for protecting your business against Coronavirus-related scams

5 Ways to protect your government agency from payment fraud

Proactive ways to fight vendor fraud

The latest on cybersecurity: Mobile fraud and privacy concerns

How to improve your business network security

Government agency credit card programs and PCI compliance

Cybercrisis management: Are you ready to respond?

The benefits of a full-service warehouse custodian

3 benefits of integrated payments in healthcare

Webinar: AP automation for commercial real estate

Webinar: CSM corporation re-thinks AP

Webinar: A closer look at U.S. Bank AP Optimizer

The future of financial leadership: More strategy, fewer spreadsheets

COVID-19 safety recommendations: Are you ready to reopen?

How to improve digital payments security for your health system

Government billing survey: The digital transformation of the payment experience

Enhancing liquidity management: 4 benefits of visibility

Top 3 ways digital payments can transform the patient experience

Webinar: Fraud prevention and mitigation for government agencies

Webinar: CRE Digital Transformation – Balancing Digitization with cybersecurity risk

Webinar: CRE technology trends

Webinar: Robotic process automation

Webinar: CRE treasury leader roundtable

Start of disclosure content

Loan approval is subject to credit approval and program guidelines. Not all loan programs are available in all states for all loan amounts. Interest rate and program terms are subject to change without notice. Mortgage, home equity and credit products are offered by U.S. Bank National Association. Deposit products are offered by U.S. Bank National Association. Member FDIC.