Friday, 15 November 2019

The cost of cyber security isn't just the purchase price

I know we often hear it said in the general security community that security is seen as a cost to the business and that’s why it can be hard to get funding.

Brian Krebs has blogged on research examining what happens at US hospitals after a data breach or ransomware attack.
Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits.

As PBS noted in its coverage of the Vanderbilt study, after data breaches as many as 36 additional deaths per 10,000 heart attacks occurred annually at the hundreds of hospitals examined.
The researchers found that for care centers that experienced a breach, it took an additional 2.7 minutes for suspected heart attack patients to receive an electrocardiogram. 
“Breach remediation efforts were associated with deterioration in timeliness of care and patient outcomes,” the authors found. “Remediation activity may introduce changes that delay, complicate or disrupt health IT and patient care processes.”

The cost of a control isn’t just in the purchase price, but also potentially in loss of productivity. In many cases an organisation accepts that cost because of the benefits the control brings. But we do need to be cognisant that there may be hidden costs to an organisation when implementing a new control. Is there really a benefit in disrupting our users for some marginal security gain?
