Issue link: https://beckershealthcare.uberflip.com/i/1115575
56 CIO / HEALTH IT Hospitals at high risk for cyberattack, Moody's says By Mackenzie Garrity H ospitals are among four sectors, holding $11.7 tril- lion in rated debt, at high risk for cyberattack, ac- cording to a Moody's Investors Service report. Banks, securities firms and financial market infrastructure are the three other sectors most vulnerable because of their heavy reliance on technology for operations, distribution of content or customer engagement, Moody's said. "We view cyber risk as event risk that can have material im- pact on sectors and individual issuers," said Moody's Man- aging Director Derek Vadala. "Data disclosure and business disruption are the two primary types of cyber event risk that we view as having the potential for material impact on issuers' financial profiles and business prospects." To determine which sectors were at a high risk, Moody's focused on: 1. Vulnerability to the type of attack or event to which entities in a given sector are exposed 2. Potential impact of cyber events via disruption of crit- ical business processes or negative reputational effects that lead to a loss of revenue Hospitals were quickly regarded as high risk because of the financial disaster that would result from a cyberattack. Contributing to the $11.7 trillion world debt total, a cyber- attack would significantly prevent a hospital from paying back what it owes, according to e Washington Post. Additionally, cyberattacks affect how long a hospital or business is offline not doing business. is is likely to cause more financial damage than the information that is hacked or exposed, according to e Washington Post. Other sectors would also feel the ripple effects of attacks on hospitals. Moody's determined another 20 industry sectors, which to- tal $12 trillion in debt, were at medium-high risk or medi- um risk. Telecommunications, health insurance and phar- maceuticals were included in the sectors. e report didn't so much focus on the cybersecurity pro- tections hospitals and other industries have in place; rather, it explored how and why these organizations are at such high risk for attacks and the long-lasting effects of cyberat- tacks on these industries. While hospitals have to report cyberattacks and data breaches to HHS, many other industries do not have to re- port cybersecurity incidents. "One thing that has confounded this type of analysis, not only for us but for others, is there's not a good strong public record of cyber events," Moody's Senior Vice President Ro- bard Williams told e Washington Post. n Data breach exposes 45,000 Rush patients' information By Jackie Drees C hicago-based Rush University Medical Center sent letters to up to 45,000 patients notifying them of a potential data security incident in May 2018. Data from an estimated 45,000 patients may have been compro- mised after an employee from one of Rush's third-party financial services vendors improperly disclosed a file containing certain patient information to an unauthorized party. Patient information that may be affected includes names, ad- dresses, dates of birth and insurance information. Rush said med- ical and financial data were not included in the breach. The med- ical center believes none of the compromised information was misused, according to the letter it sent patients. After discovering the breach Jan. 22, Rush launched an internal in- vestigation and suspended its contract with the vendor. Addition- ally, the health system is providing a free yearlong membership to an identity protection service to patients who were affected. Rush recommends patients affected by the security incident moni- tor their credit reports and financial accounts for suspicious activity, check their explanations of benefits documents from their health plans and review their rights to fraud alerts and credit freezes. n Northwestern Medicine to apply AI screening for heart disease By Jackie Drees C hicago-based Northwestern Medicine Bluhm Cardiovascu- lar Institute is piloting a clinical study to determine whether artificial intelligence can screen for heart disease. Using cardiovascular digital health platform Eko, the institute will test whether its digital stethoscopes and AI algorithms can an- alyze heart noises to help screen for valvular heart disease and pathologic heart murmurs. Eko's technology incorporates ma- chine learning with data from thousands of heart sound patterns to help physicians more accurately diagnose cardiovascular con- ditions when using a stethoscope. "One of the biggest problems in healthcare is that general prac- titioners so often miss heart murmurs that if found earlier would allow patients to get treatment before problems arise," Eko CEO Connor Landgraf said in a news release. "The results of this study will work to bridge the gap for general practitioners and early detection of these life-threatening conditions." Eko is funding the clinical study and will enroll 1,000 patients. The trial is part of the institute's center for artificial intelligence, which applies AI and machine-learning technologies to cardiovascular disease research, diagnosis and treatment. n