A majority of illnesses can be prevented or at least considerably mitigated by an array of well-known preventive measures. But healthcare systems continue to struggle with implementing prevention. This is largely because taking prevention out of the equation makes healthcare economics easier to calculate, and also because pay-per-service models fit better to modern-day preconceptions with consumerism.
Healthcare has difficulties with prevention in another field, too, and this is cybersecurity. Modern hospitals have to be able to react properly to cyberattacks, of course. They need strategies for dealing with cyberattacks. They need disaster recovery plans and they have to have communication concepts in place to minimize the damage once problems kick in.
is how to prevent a cyberattack from happening in the first place. Like heart attacks, cyberattacks normally don’t come out of the blue. Most originate within the medical institution in one way or the other. They happen because an individual wasn’t careful enough, or because the administration wanted to save money, or both.
If we are really serious about making digital healthcare safer with cybersecurity, we need a new mindset on all levels. Providers will have to think about security at every stage of product or software development. Doctors and nurses will have to understand that convenience is not all that counts. And hospital administrations will have to accept that money for cybersecurity prevention is an investment into better quality of care. In the end, it will be the patient who suffers from a lack of prevention.