(HealthDay News) — From 2016 to 2021, there was an increase in ransomware attacks on health care delivery organizations, and the personal health information of nearly 42 million patients was exposed, according to a study published in JAMA Health Forum.

Researchers quantified the frequency and characteristics of ransomware attacks on health care delivery organizations using data from the Tracking Healthcare Ransomware Events and Traits database.

The data showed that, from January 2016 to December 2021, 374 ransomware attacks on US health care delivery organizations exposed the personal health information of almost 42 million patients. The annual number of attacks increased from 43 in 2016 to 91 in 2021.


Continue Reading

The delivery of health care was disrupted in 44.4% of ransomware attacks. Common disruptions included electronic system downtime (41.7%), cancellations of scheduled care (10.2%), and ambulance diversion (4.3%).

Ransomware attacks on health delivery organizations increasingly affected large organizations with multiple facilities from 2016 to 2021, exposed the personal health information of more patients, and were increasingly associated with delays or cancellations of scheduled care.

“As policy makers craft legislation aimed at countering the threat of ransomware attacks across multiple industries, we urge them to focus on the specific needs of health care delivery organizations, for which operational disruptions may carry substantial implications for the quality and safety of patient care,” the researchers wrote.

Abstract/Full Text