Ransomware to Robotics: How Cyberattacks Impact Patient Care

In a recent episode of the Continuous Compliance podcast, Dr. Emily Watters, a bariatric and general surgeon from Baltimore, Maryland, sat down with Danielle Sheer, Chief Trust Officer at Commvault, to discuss the profound impact of cybersecurity incidents on healthcare operations.

Dr. Watters, who also chairs her hospital’s robotics committee, provided a unique and frontline perspective on both traditional and technology-driven surgical approaches. Be sure to watch the full episode here: https://www.commvault.com/resources/video/impact-of-ransomware-on-hospitals

The Devastating Impact of Ransomware on Hospitals

When ransomware strikes a healthcare facility, the consequences are immediate and severe. Dr. Watters vividly described how these attacks can “completely shut down operations” for hospitals that have become entirely dependent on electronic systems. The repercussions are far-reaching and include:

• Canceled surgeries: Procedures that require rescheduling weeks or even months later, causing significant delays in patient care.
• Inaccessible patient histories and diagnostic images: Surgeons and anesthesiologists are unable to access critical information needed to safely perform operations.
• Handwritten documentation: A forced return to manual processes, which can be inefficient and error-prone.
• Compromised quality of care: The inability to access essential data can lead to suboptimal treatment decisions.
• Disrupted communication: Communication between healthcare providers and patients is hindered, leading to confusion and anxiety.

Dr. Watters emphasized the extent to which modern healthcare professionals rely on digital systems: “I don’t even know how to find a prescription pad to write a prescription for patients these days. It’s literally everything is electronic.” This dependency underscores the critical need for robust cybersecurity measures to prevent such disruptions.

Critical Patient Information Goes Dark

One of the most alarming aspects of ransomware attacks is the loss of access to vital patient records. Before any surgery, patients undergo comprehensive evaluations, including heart and lung checks, with results stored electronically. Without this information, healthcare providers can’t safely proceed with procedures.

The interconnected nature of medical systems exacerbates the problem. Dr. Watters noted that Maryland’s healthcare facilities have excellent interoperability, allowing records from one hospital to be viewed at another. When these systems go down, critical information sharing is lost.

From Ransomware Recovery to Robotics

The podcast also delved into the growing role of surgical robotics in healthcare. Dr. Watters, as the chair of her hospital’s robotics committee, shared her insights on this advanced technology. She described surgical robotics as “just a tool” similar to “using a push mower vs. using a riding lawn mower,” highlighting that skilled surgeons remain indispensable despite technological advancements.

This comparison draws an interesting parallel to cybersecurity concerns. As healthcare becomes more technologically dependent, the vulnerability to disruption increases. The discussion touched on how robotics collects data on surgical procedures, raising important questions about data ownership and the future of surgical practice.

The integration of robotics into healthcare not only enhances precision and efficiency but also introduces new layers of complexity in data management and security.

Building Healthcare Resilience

The conversation underscored the urgent need for comprehensive cyber resilience strategies in healthcare. As digital transformation accelerates in the medical field, maintaining alternative capabilities becomes crucial.

Dr. Watters and Danielle agreed that continued training in traditional surgical methods remains essential, regardless of technological advancements. This means healthcare providers can still deliver high-quality care even when digital systems are compromised.

For healthcare organizations, this episode serves as a powerful reminder that robust cybersecurity isn’t just about protecting data – it’s about maintaining uninterrupted patient care even during worst-case scenarios. The ability to switch to manual processes and rely on traditional methods can be a lifeline in the event of a cyberattack.

Key Takeaways

• Comprehensive cyber resilience: Healthcare facilities must develop and implement comprehensive cyber resilience strategies to protect against ransomware and other cyber threats.
• Dependency on digital systems: Modern healthcare professionals are heavily reliant on electronic systems, making it crucial to have backup plans and traditional training in place.
• Interoperability and data access: The interconnected nature of medical systems means that a cyberattack can have far-reaching effects, disrupting critical information sharing.
• Role of surgical robotics: While surgical robotics offer significant benefits, they also introduce new cybersecurity challenges that need to be addressed.
• Training and preparedness: Continuous training in both traditional and advanced surgical methods is essential so that healthcare providers can adapt to any situation.

Cyber Resilience Is Critical

The insights shared in this episode highlight the critical importance of cybersecurity in healthcare. As the healthcare industry continues to embrace digital transformation and advanced technologies like surgical robotics, the need for robust and resilient cybersecurity measures becomes even more pressing.

By preparing for the worst and maintaining a balance between traditional and modern practices, healthcare organizations allow patient care to remain uninterrupted, even in the face of cyber threats. Whether you’re a healthcare professional, a technology enthusiast, or simply someone interested in the future of medicine, this episode offers valuable lessons on the intersection of cybersecurity and patient care.