VANCOUVER, British Columbia, June 12, 2017 (GLOBE NEWSWIRE) -- Canadian health facilities appear less than adequately equipped and prepared to handle the sort of massive ransomware attack that shut down 16 hospitals in the United Kingdom and infected upwards of 45,000 computers in 74 countries in May, according to a new survey of the nation’s health leaders.
Some 85% of hospital CEOs, department heads, medical directors and other senior health administrators say their organizations are “very” or “somewhat” vulnerable to a malicious cyberattack. They’re far more confident, however, in their capacity to deal with disasters, whether natural, such as floods, wildfires, epidemics or ice storms, or man-made emergencies, such as terrorist attacks, or even infrastructure failures, such as collapses of physical plants or power outages. Some 89% believe they are “very” or “somewhat” prepared to handle such disasters.
Those are among the findings of an IPSOS survey conducted for HealthCareCAN and the Canadian College of Health Leaders in the run-up to the National Health Leadership Conference (NHLC) being held in Vancouver on June 12-13, 2017.
“Canadian hospitals are now routinely dealing with malware, phishing, network overloads and all manner of cyber risks. One organization reports that they’re attacked over one million times each year,” says HealthCareCAN President and CEO Bill Tholl. “But as we’re now seeing, the attacks are getting nastier and more difficult to fend off. Ransomware doesn’t know borders. What we need is a better and more standardized Canadian framework to deal with the risks.”
To that end, HealthCareCAN and Public Safety Canada are co-sponsoring a session on “critical infrastructure and cyber security” at this year’s NHLC with an eye toward identifying the necessary components of a pan-Canadian Health Sector Network focused on critical infrastructure. A national summit will be convened later this year to craft a policy framework that includes standardized elements and optimal requirements in such areas as risk assessment, threat detection, layered security approaches, requisite redundancies and post-failure recovery plans.
“There are a lot of aspects to this,” Tholl says. “And it’s not just cyberattacks. What policies, preparations and procedures should hospitals ideally have in hand if there’s a disruption in water supply, or a power outage? Or if they need to move medical supplies to a region in which there’s been a natural disaster? The list goes on and on. And as people have discovered in the past, one problem can quickly cascade into another and another.”
The poll also indicated that 32% of health leaders believe there’s an urgent need for the federal government to become more involved in “setting up standards, oversight and providing leadership to address cybersecurity.” That’s followed by “security monitoring/protection” (22%); “provide funding” (19%); “address IT/cybersecurity issues” (13%); “help with infrastructure” (12%); and “providing plans/strategies” (9%).
The survey findings of health leaders are available here; the public survey findings are available here.
NHLC, which is structured this year around the theme “Value-Based Healthcare: embracing a patient and family-centered approach,” is the largest national gathering of health system decision-makers in Canada, including representatives from health regions, authorities and alliances; hospitals; long-term care organizations; public health agencies; community care; mental health and social services; government, education and research organizations; professional associations; and consulting firms and industry. Visit www.nhlc-cnls.ca for more information.