Care providers, do you know your biggest cyber threats?

Evolving technologies bring great benefits, but also new risks including cyber risk. Cyber security in the care services industry has been a growing concern over the past few years. And with the implementation of GDPR, fears about pitfalls could become more widespread.1

In 2015, over 100 million healthcare records were compromised from more than 8,000 devices in more than 100 countries.2 And this is only likely to increase with the growing interconnectivity of modern software and devices.

Some of the risks your business may face due to new technology are:

  • Harm to a patient’s safety and health by hackers accessing personal devices.3
  • Loss of SPI (sensitive personal information) by hackers accessing personal data from connected systems. In 2016 3.47m patient records were stole from Newkirk Products.4
  • Breach and access of wearables and monitors which are susceptible to remote takeover.3
  • Ransomware on connected systems - The healthcare industry is the most affected by this with 34% of all ransomware attacks.5
  • Negative PR due to a data breach.4 

It’s important when investing in new technology that you carry out the appropriate risk assessments. Your risk management strategy must be updated to allow for new working practices. Failing to do so could leave you open to claims not covered by your current insurance.

Common healthcare cyber threats

Increase in healthcare technology

Information Systems Audit and Control Association research shows mobile devices (54%), cloud (50%), and social media (38%) as the most difficult technologies to secure.6 

Internet of Medical Things (IoMT) is one of the most recent and accepted advancements in medical technology. However, these are also one of the biggest threats of cyber risk.7 As more of your processes to remotely access information, IoMT devices are not built with security features.

Ransomware is an example of a new and evolving data security threat which acts by breaching shared IT systems and preventing access. The cost of a healthcare data breach has been calculated at £300 per individual record, with an average of 30 records stolen per breach, making this one of the most lucrative cyber scams.8 

Limited investment in cyber security

65% of Chief Information Security Officers in care services believe they have “inadequate in-house expertise” to deal with a cyber-security breach.9 

Cyber security investments in healthcare must compete with other more urgent needs. New medical technologies and equipment, staff and basic supplies are often your priority, potentially leaving your business unprotected.


Cyber security protection is particularly lacking in smaller and independent practices. If you’re a small organisation, you might receive limited funding, which doesn’t sufficiently cover your cyber security needs.

With modern technology, your business is more at risk than ever. The connectivity of the care services industry, makes your small business an easy way to breach larger organisations by accessing their data through your systems.10

It’s clear that with new technology comes new risk, which the care healthcare sector is particularly vulnerable to. Now we’ve looked at the evolving risk and the most common causes of cyber threats for care service providers. Our next article looks at planning for these unique healthcare sector risks and making sure that your business is prepared

Can’t wait for our next article on planning for cyber risks? Download our whitepaper on The Impact and Importance of new Technology in the Healthcare Industry for care sector insights.



1. goanywhere.com/2018-cybersecurity-concerns-in-healthcare
7. fortinet.com/minimizing-cyber-risks-as-healthcare-providers-increase-technology-use