Over the course of the pandemic, the healthcare sector has gone through major changes. As one of the essential industries that just needs to keep going, there has not been a respite for ICT departments to sit back and think about the innovations needed to operate in our new reality. Instead, ICT staff at major hospitals and pathology providers have worked tirelessly to support dramatic increases in scale, changing processes for frontline health workers and extensive business continuity and scenario planning.  All of this has been achieved against a backdrop of continuing digital transformation projects, stretching their capabilities and resources to new limits. These efforts have supported high rates of Covid testing throughout the community and helped ensure the capacity of the hospital system to support the needs of the population as outbreaks unfold.  But while technology and digital transformation help make the sector more responsive, and more efficient, one big external factor threatens these efforts: Cyber threats.

As processes and information management systems respond to these new demands under the everchanging challenges posed by the pandemic, there’s been a major increase in the number of malicious actors compromising healthcare networks. In 2020 alone, there was an 80 per cent rise in the number of cyber incidents suffered by Australian healthcare providers.[1] Further, earlier in the year, PwC found that almost 60% of respondents from the Australian healthcare industry said they believe it is very likely that a ransomware attack will target their organisation in the next 12 months.[2] We’ve seen cases in Australia and internationally where hospital systems dealing with such cyber-attacks endure extended periods of network downtime, leaving staff without access to patient data, critical forms and procedure manuals.  In some cases, hospital staff have gone weeks without network access.  In this environment, there is a critical need for ICT teams at healthcare organisations to evaluate their existing business continuity plans and IT policies, raise internal awareness to ensure health workers understand their own role, and help enable frontline staff to work productively in the event of an outage.

Continuing patient care during planned and unplanned downtime

While Electronic Medical Records (EMR) systems in themselves offer a blanket of protection during a system outage, staff cannot access any of this information during a network downtime.  Network downtimes can cause delays in providing patient care and even threaten patient safety because data is inaccessible. Instead, frontline workers are forced to “go back to pen and paper”.  Provision of care is slowed, as is patient throughput.  Organisations using Lexmark devices can implement recovery solutions such as Lexmark’s Downtime Assistant to provide clinicians with access to critical information during both system and network downtime.

The Downtime Assistant application resides on the device itself and automatically draws the latest patient data and reports, key forms, procedure manuals and other critical documents from the network and stores them directly on the encrypted hard drive on the Lexmark Printer or Multi-Function Device (MFD).  Complementing the EMR’s solution, healthcare providers can access updated information directly from the Lexmark Printer or MFD without having to use a computer or access the network.

Intentional design for complete security

When we consider the IT infrastructure that supports organisations around the world, the infrastructure of a hospital is one of the most complex.  Add to this the sensitive nature of the data it produces and threat mitigation needs to be considered right across the environment.  Further, as most critical processes that drive patient throughput are reliant in some way on printed documents, its vital to ensure that your print ecosystem is safeguarded.

For optimal protection when it comes to print, the software used to support printers and multifunction devices must be developed to the highest of industry standards. Lexmark’s Secure Software Development Lifecycle (SSDL), for example, is a series of processes designed to address all aspects of security related to software development from planning through design and implementation, including quality assurance, release, and maintenance.

As the number of healthcare providers facing cyberattacks are sharply on the rise, it’s vital that the industry continues to explore solutions enabled by new technologies such as reviewing existing print infrastructure to mitigate vulnerabilities and provide greater continuity of care.  While expertise in warding off ransomware attacks lies in other parts of a healthcare provider’s infrastructure, Lexmark can help provide a critical safety net for when, not if, a downtime is experienced. This, mixed with our SSDL and knowledge of how to health providers navigate emerging cloud-based technologies is helping many healthcare providers navigate these challenges now and into the future.

[1] 2020 Health Sector Snapshot, Cyber.gov.au

[2] PwC, Preparing the Australian health sector for ransomware attacks, 2021