Healthcare attorneys call cybersecurity a growing concern

Attorneys are highly concerned about the threat of IT breaches at hospitals and healthcare systems, but also fear that little is being done to address the situation.

That's the result of a survey undertaken by Bloomberg Law and the American Health Lawyers Association. It polled both corporate attorneys and in-house counsel.

According to the survey, 97 percent of respondents believe they will experience an increased involvement in cases involving cybersecurity; 57 percent said it will be a significant increase.

That dovetails with a report published earlier this year by IBM concluding that the healthcare sector was the top target for cyberattacks in 2015. There have been several high-profile ransomware attacks on hospitals this year, including on Maryland-based MedStar Health and Hollywood Presbyterian Medical Center in Los Angeles. The Ponemon Institute believes such attacks are occurring against U.S. hospitals almost monthly.

Fifty-three percent of those surveyed believe that cyberattacks are where their clients are the most vulnerable. Employee negligence or insider threats ranked a close second, at 47 percent.

But only a quarter of respondents said that the healthcare organizations they represented are “very prepared” to handle a cyberattack; 70 percent said they were “somewhat prepared,” with the remaining 5 percent not being prepared at all.

"While it is encouraging that healthcare attorneys are on the front lines of preparing for and responding to cyberincidents, it is apparent from this survey that there is much more that needs to be done," Scott Falk, a vice president and general manager with Bloomberg Law, in a statement. "For example, there is overwhelming agreement from respondents that it is important to improve formal cybersecurity education and training for healthcare lawyers. Thus there is tremendous value in utilizing external resources and professional organizations that can meet this critical need."