Hostname: page-component-cd9895bd7-dk4vv Total loading time: 0 Render date: 2024-12-26T10:42:49.277Z Has data issue: false hasContentIssue false

A National Survey of Hospital Cyber Attack Emergency Operation Preparedness

Published online by Cambridge University Press:  13 July 2023

Natalie Sullivan
Affiliation:
George Washington University, Washington, USA
Jordan Selzer
Affiliation:
George Washington University, Washington, USA
Jeffery Tully
Affiliation:
University of California San Diego, San Diego, USA
Christian Dameff
Affiliation:
University of California San Diego, San Diego, USA
Chibuzo Opara
Affiliation:
Howard University, Washington, USA
Mackenzie Snead
Affiliation:
Howard University, Washington, USA
Rights & Permissions [Opens in a new window]

Abstract

Core share and HTML view are not available for this content. However, as you have access to this content, a full PDF is available via the ‘Save PDF’ action button.
Introduction:

Cyberattacks on healthcare systems are increasing in frequency and severity. Hospitals need to integrate cybersecurity preparedness into their emergency operations planning and response in order to mitigate adverse outcomes during increasingly likely cyber events. No data currently exists regarding the level of preparedness of US hospital systems for cybersecurity attacks. We surveyed hospital emergency managers to assess cybersecurity preparedness for these events.

Method:

Fifty-seven emergency managers representing hospitals across the US participated in an online Qualtrics survey regarding current preparedness and response procedures for cybersecurity hazards.

Results:

Survey responses between April 2019 and May 2021 demonstrated that a majority of hospital systems surveyed included cybersecurity disasters in their HVA (82.4%, 47/57), and most ranked it as one of their top five priorities (57.4%, 27/47). However, over half denied specifically mentioning cybersecurity in their EOPs (52.6%, 30/57). Fourteen of the 57 hospital systems (24.5%) endorsed previously activating an Emergency Response for a cybersecurity incident unrelated to Information Technology (IT) failure.

Conclusion:

The survey results suggest that American hospitals are currently underprepared for cybersecurity disasters. We emphasize the importance of prioritizing cybersecurity in HVAs and implementing specific EOP annexes for cybersecurity emergencies.

Type
Lightning and Oral Presentations
Copyright
© The Author(s), 2023. Published by Cambridge University Press on behalf of World Association for Disaster and Emergency Medicine