Cyber Impacts Us All
Healthcare organizations are prime targets for cyber attacks due to the sensitive nature of the information they have. And the impacts of a breach in healthcare can be significant and long-lasting.
It’s not IF but WHEN your organization could face a cyber breach, and that’s why HIROC hosts a number of cyber workshops annually, the latest taking place on November 7.
The Shared Experiences: Cyber Preparedness in Healthcare event brought together experts in healthcare, law, cybersecurity, and law enforcement. The workshop offered actionable ways for Subscribers to mitigate and prepare for a cyber breach.
Here are some key takeaways from the sessions.
Staff Training is Critical
Ninety per cent of successful breaches are from phishing, so promote a culture of cyber security awareness and acknowledge that it’s everyone’s responsibility. “It’s important to create a culture and vigilance of all staff,” said William Homerston, Manager of Quality, Performance & Innovation at Langs Community Health Centre.
Options for staff training include using vendors your organization already works with and the many online courses and resources available, some of which are free. It could also be beneficial to work with partner organizations to share tools and knowledge. “Sharing and open communication are crucial,” added Keith Lawson, Corporate Information Security Officer at London Health Sciences Center.
And be sure to check out HIROC’s valuable cyber resources too!
- Cyber Risk Management Guide
- Key Measures for Preventing and Mitigating Cyber Attacks and Ransomware
- Hosting a Successful Cyber Breach Tabletop Exercise Guide
- Planning for Cyber Security Incidents: A Crisis Communications Guide
Tips for Smaller Organizations
Smaller organizations may have different cyber security challenges. Without in-house IT, doing your own risk management assessment and identifying cyber security as a top risk can help get senior leadership support and a dedicated team to focus on it. Homerston advised telling your organization, “Let’s all come together to work on this since it will affect us all.”
Key cyber management strategies for small organizations include:
- Implementing ongoing training starting with onboarding and updating it annually
- Providing incident response one-pagers for certain threats like phishing emails
- Adopting multi-factor authentication as a cost-effective way to enhance security
- Prioritizing cyber security in emergency response plans
- Having regular data backups on separate networks
- Making downtime binders and business continuity plans
Watch Homerston and HIROC’s Kopiha Nathan’s full discussion from the November 7 event. Their discussion revolved around scaling cybersecurity across the sector.
Advice on Internal and External Communications
Jeanette Despatie, President and CEO at Cornwall Community Hospital, shared some key learnings on communicating after a cyber breach.
Internal communications:
- Be prepared to communicate without an internal network connection
- Reintroduce paper and have runners
- Work with internal leaders to share messages
- Keep in mind that staff may not trust their work emails once a breach has occurred
- Address challenges with getting messages to staff in the early days
- Try using virtual meetings and meeting rooms so staff can drop in for updates
External communications:
- Be transparent, but you can’t communicate what you don’t know
- Avoid the temptation to share details before the investigation is over even though it could take some time
- Maintain trust by saying you’re sharing what you know now but will provide more information later
- Be consistent in messaging so you don’t have to backtrack
- Continue regular communication even if there’s no new information
When to Involve Police
Police often collaborate with organizations and breach coaches during cyber investigations. It’s important to “recognize that the role of police is not to come in there and shut down a business to get evidence. Business continuity is our primary focus,” Lina Dabit, RCMP Inspector, Cybercrime Investigative Team, emphasized.
When a cyber breach occurs, engaging police early on is crucial. To eliminate any confusion about which jurisdiction to contact or when to contact police, this can be included in your response plan and tabletop exercises. A breach coach can help by filing police reports on an organization’s behalf.
“Threat actors are endlessly creative, and some are heavily resourced,” Travis Walker, Senior Associate, Data Privacy and Cybersecurity at Norton Rose Fulbright, warned.
Check out this video for the full session with Dabit, Walker, and HIROC’s Caroline Libarian on how breach coaches and law enforcement combat cyber crime together.
Learnings From a Cyber Breach
Finally, we heard lessons learned from a cyber breach at The Hospital for Sick Children from Andrea McCormick, Senior Manager, Quality Management and Emergency, and Dr. Gail Annich, Staff Physician, Pediatric Intensive Care Unit, and Professor of Pediatrics, Interdepartmental Division of Critical Care Medicine at University of Toronto.
When a cyber breach happens, engage doctors at all levels and establish a frontline team of medical leads in each department who are on call. Finding a time when these medical leads can attend regular meetings for updates, such as in the morning, is important for keeping them engaged, and using a standardized way to share information can prevent redundancies and maintain a single source of truth.
With the growing threat of a cyber attack, preparation is critical, and these are just some of the ways you can lay the groundwork for an effective response.
For those who attended this cyber forum, you have exclusive access to re-watch all the sessions by logging back in to the RingCentral platform for 90 days after the event date.
If you have any questions about your cyber coverage, reach out to us at [email protected].
And if you have any lessons learned from a cyber incident, drop us a line at [email protected] and share them. It’s critical we scale lessons learned across the healthcare system.
Stay tuned for news about HIROC’s 2025 cyber events!
By Gillian Brandon-Hart, Communications & Marketing Specialist, HIROC