Ponemon study finds link between ransomware, increased mortality rate

A report released Wednesday by the Ponemon Institute found that ransomware attacks in the time of COVID-19 have had an impact on patient safety, data and overall care availability.  

For the report, sponsored by the risk management platform vendor Censinet, Ponemon surveyed nearly 600 IT and security professionals in healthcare delivery organizations.

“Our findings correlated increasing cyberattacks, especially ransomware, with negative effects on patient care, exacerbated by the impact of COVID on healthcare providers,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, in a statement. 

“We also analyzed steps that HDOs are taking to protect patient safety, data and care operations to determine what is working since so many respondents have been victims of more than one ransomware attack,” Ponemon said.  


The COVID-19 pandemic introduced new complications – including remote work, staffing strains and scaled-up IT needs – into an already fraught healthcare security landscape.  

And bad actors have taken advantage of that opportunity, as evidenced by frequent headlines about ransomware attacks on healthcare delivery organizations.

Ponemon’s new report suggests these incidents can have serious consequences for patient care.  

Over the last two years, 43% of respondents said their HDOs experienced a ransomware attack. Of those, 45% said they believed the attack resulted in a disruption of patient care operations.  

When asked about that impact, 71% reported a longer length of stay for patients, 70% cited delays in procedures and tests, 65% said there was an increase in patient transfers or facility diversions, 36% pointed to an increase in complications from medical procedures, and 22% said mortality rates increased.  

It is important to note that this last statistic represents a relatively small percentage (4%) of total IT respondents.

Still, it reiterates the importance of shoring up security measures from a patient care perspective.

These security professionals say third-party risk management is difficult, and COVID-19 made it more complicated.

Only 40% of respondents said their organization always completes a risk assessment of third parties before contracting with them.  

“Re-assessments are another critical part of third-party risk management and are not conducted as often as required,” noted report authors.


Although ransomware attacks can lead to disruptions in patient care – such as delays in procedures or obstacles to treatment – reports of incident-related mortality are somewhat less common.

They are not, however, outside the realm of possibility: This past year, a German woman died after Düsseldorf University Clinic’s servers were encrypted and she had to be moved to a different facility 20 miles away.  


“The combination of data breaches, ransomware attacks, and COVID-19 has created the perfect cybersecurity storm and the worst two years on record for IT and security leaders in healthcare,” said Ed Gaudet, CEO and founder of Censinet, in a statement. 

“The Ponemon Research results are an urgent wake-up call for the healthcare industry to transform its cybersecurity and third-party risk programs or jeopardize patient lives.”

Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Email: kjercich@himss.org
Healthcare IT News is a HIMSS Media publication.
