What Ransomware Reminds Us About Risk in Healthcare

In the past week, the "WannaCry" ransomware attack made headlines. The malware attack threatened people in 150 countries, including several healthcare organizations. And while the breaches shone a spotlight on risks associated with digital data, they were also a reminder of how much the nature of healthcare risk management has changed. 

These days, risk managers and teams wear an increasing number of hats on the job, managing a spectrum of concerns from traditional incident management to data breaches and mergers and aquisitions. As a reminder of how broad a the term "risk" is in healthcare, here are four concerns for risk managers that have evolved or are new to their job descriptions. 

Data breaches 

The recent news cycle aside, we don't tend to hear about data breeches in healthcare often. However, they're more common than you might think. Forbes reported that over 112-million healthcare records were compromised in 2015. In 2016, ransomware was responsible for 72 percent of malware incidents that affected healthcare. While trust in healthcare is still high when it comes to data security, moves to cloud storage and the increasingly complex nature of cybersecurity poses ongoing challenges for risk teams to address. 

Workplace violence 

Workplace violence is not a new risk in healthcare, but increasingly prominent incidences and high rates have put it top-of-mind for many people in healthcare, but especially risk managers. It's estimated that half of healthcare workers in Canada experience some form of violence on the job. Healthcare workers experience more workplace violence than any other sector in the US. Growing rates of workplace violence have prompted places like California to introduce legislation. However, the threat of violence remains one of the most pressing risks in healthcare. Our feature on workplace violence has more information on strategies organizations are leveraging to eliminate the workplace violence. 


Technology has shaped healthcare in a lot of amazing ways, including making it more accessible, but it also poses challenges for mitigating risk. Telemedicine, for example, comes with a unqiue host of vulnerabilities, including data breaches and complications to malpractice suits, should they occur. According to the American Well 2017 telehealth survey, the market value of telehealth is expect to grow to $36.2 billion by 2020, with video visits prediced to become the most popular method. As telemedicine becomes more common, risk managers will have to adjust to juggle the added risks associated with this accesibility-boosting technology. 

Mergers and acquisitions 

Mergers and acquisitions are increasingly common in healthcare and they come with a laundry list of challenges. A report from PwC’s Health Research Institute called 2016 the year of “merger mania” – and so far in 2017 there are no signs of the trend slowing down. Mergers and acquisitions carry financial, operational, clinical and cultural risks. Last month’s blog on planning mergers and acquisitions in RL6 has advice to help manage risks associate with merging software systems.

Risk, like healthcare, is constantly evolving and in many cases, there is no easy solution. A great first step, however, is to invest in tools and supporting risk management teams as they address the growing complexity of risk.

The RL Suite addresses risk across your organization. Learn more about how our powerful reporting systems can give you the data you need to mitigate risk on our product page


Previous Article
Sharing the Story Behind Data
Sharing the Story Behind Data

You can learn a lot from analyzing data, but some of the most valuable insights can come from thinking abou...

Next Article
Things We Read and Loved: Global Health
Things We Read and Loved: Global Health

In this month’s Things We Read and Loved, we acknowledge the sometimes-scary reality that health doesn’t ha...

Ready to see more?

Get in touch