Hacking Your Health: Can Your Electronic Health Record be Hacked?

July 29, 2022

By: Christopher A. Iacono

Takeaway: With ransomware attacks increasing over the past few years, healthcare organizations can expect hackers to make ransom demands while holding their computer systems hostage.


Everything comes back in style. In the 90s, computer hackers learned how to infiltrate networks, hold them hostage, and demand payment to make them functional again.  Recently, this strategy has resurged in the healthcare industry, potentially placing people’s lives at risk.

From 2021 to 2022, the number of ransomware attacks on healthcare organizations skyrocketed by 94%. This resulted in two-thirds of healthcare organizations in the U.S. experiencing some form of a ransomware attack in 2021, up from 34% in 2020. According to cybersecurity experts, ransomware attacks on healthcare organizations were always common. But it is the increase in frequency and severity of these attacks now that is worrisome.

These attacks can have devastating consequences.  Most recently in San Diego, California, treatments at a chemotherapy facility were delayed and, at another healthcare facility, ambulances were diverted from the emergency room after computer systems were frozen by an attack. In 2021, the first lawsuit alleging “death by ransomware” occurred where a mom sued a hospital for fatal brain damage to her newborn after heart rate monitors failed because of an attack.

Healthcare facilities are high-profile targets because attackers know the facilities are willing to pay high ransoms to safeguard people’s lives. In fact, 61% of healthcare organizations paid attackers ransom to resolve a ransomware attack in 2021.

Most of these attacks are carried out by private criminal groups. Conti, a crime syndicate out of Russia, was traced back to 30% of ransomware attacks in 2021. And just two weeks ago, the FBI revealed in June that it successfully thwarted an attack from Iran on a children’s hospital in Boston.

As this unsophisticated tactic of the recent past resurfaces, organizations that utilize or transmit private health information must ensure that they are prepared. This may include implementing more comprehensive security systems, conducting employee training, or revamping their data security policies to minimize the threat of data breaches.

Here are additional articles about the latest health system data breaches:

News & Events

Related News

22 Pietragallo Lawyers Named in 2023 Super Lawyers and Rising Stars
May 19, 2023
Pietragallo is pleased to announce that 22 lawyers have been named to the 2023 Pennsylvania Super Lawyers and Rising Stars list and one lawyer has been recognized in 2023 Florida Super Lawyers. Read More
24 Pietragallo Lawyers Named in 2022 Pennsylvania and Florida Super Lawyers and Rising Stars
May 23, 2022
Pietragallo is pleased to announce that 24 lawyers have been named as 2022 Super Lawyers and Rising Stars, including partner Marc Raspanti who was recognized in the Top 100 in Pennsylvania and Philadelphia. Read More

Upcoming Events

Scott Coffina to speak at Police Assisted Addiction and Recovery Initiative 2023 National Law Enforcement Summit
December 4, 2023
Pietragallo partner Scott Coffina will present “How to Run an Effective and Ethical Diversion Program” at the Police Assisted Addiction and Recovery Initiative (PAARI) 2023 National Law Enforcement Summit held in Boston, MA on December 4-5, 2023. Read More
Michael Morse to present at the American Bar Association’s 21st Annual Washington Health Law Summit
December 11, 2023
Pietragallo partner Michael Morse will be presenting at the American Bar Association’s 21st Annual Washington Health Law Summit, on December 11-12, 2023 in Washington D.C.. Read More
View More News & Events