Healthcare Cybersecurity Status: Critical. Tax Credits Can Offer Support

Written by Corporate Tax Incentives. Updated Oct 10, 2019.


I have a friend who is quite enchanted by technology. Her home and life are loaded with Smart Things. She conducts all her banking on her cell phone and adores wiling away an afternoon in a café as she shops online – with an unsecured network.

She takes no precautions against cybercrime, no additional virus protection, no device or account monitoring, etc. She thinks technology is like white magic – it can execute wondrous actions of efficiency and good. Nothing will go wrong. Hacks only happen in Hollywood and Wall Street.

I’ve tried to warn her that she cannot rely solely on her computer, cellphone, or other smart instrument’s factory protections. This woman who has never so much as had her lunch money stolen told me I’m paranoid and “read too many ‘scary stories.’”

Until someone hacked her computer and swiped her credit card info during one of her shopping escapades.

The lesson here? Yes, technology can do amazing things, but we must not take basic cyber protections for granted. Particularly in healthcare.

Major Artery to Attack

The healthcare industry is buzzing and beeping with the latest technological devices and software to deliver 21st-century medicine to millions. But the very gadgets that dispense new healing and wellness possibilities to patients also open an enticing circuit for cybercriminals.

Learn More: The Secret to Maximizing Your R&D Tax Credit Potential

Citrix Chief Security Strategist, Kurt Roemer, explains that healthcare orgs often operate with decentralized network systems that increase chances of attack: “There’s a lot of data that winds up on endpoints, a lot of data that is very distributed.”

He also warned that in the event of an attack, organizations must be able to restore their data and network before it impacts their patients. “And that's where healthcare is struggling a little bit.”5

John Kuhn, IBM’s Security Senior Threat Researcher, revealed that each device at a healthcare facility added to their network “another potential point of attack.”

He state that hospitals often don’t have control over or visibility into the “huge swarm” of mobiles devices connected to their networks.5 This generates an immense amount of additional data.

Those in the healthcare industry must consider supplemental cyber protection as prudence, not paranoia.

Check out these heart-stopping stats to prove that:

  • 98% of manufacturers said that the cybersecurity of the IoT (Internet of Things) they produce or use could be improved to some or even a great extent.1
  • In 2017, the U.S. healthcare sector fell victim to more than 350 data breaches that exposed 4.93 million patient records.2
  • 88% of all ransomware attacks in the U.S. were against the healthcare industry in 2016.3
  • 89% of all healthcare organizations were breached in the past two years. 3
  • Cyber attacks are estimated to cost the healthcare sector nearly $6 trillion in the next three years.4
  • From a poll of 232 healthcare security managers, 50% called out IT networks as the most vulnerable area within healthcare organizations.1

Cybersecurity STAT!

These stats illustrate cybercriminals' appetite for healthcare organizations and the sector’s duty to protect beyond standard network and computer security - not only to save time, money, and patient data but also patients’ lives.

And medical device manufacturers, software developers, and system providers must understand and share this responsibility.

For most other businesses, a delay in recovery means revenue loss and reputation damage. If an auto dealer gets hacked, they may lose thousands of dollars and customers’ loyalty – but the customers will still be alive and well.

Contrastingly, any interruption in a hospital's patient care can, at the very least, delay appointments and medical procedure. But a breach could also cut loose more detrimental repercussions, such as medication dispensing impediments, loss of medical history, and critical device malfunctions (think WiFi-connected pacemakers).

Along with the highly sensitive and identifying information that reside within healthcare’s responsibility, patients’ well-being is the most vital.

Addressing the Root Cause

Cybersecurity for healthcare has never been so critical. Yet many hospitals are plagued with limited budgets and manpower and can only do so much in the way of augmenting cyber protection on their end.

Hackers know this. The real protection needs to start with the creators of the devices, software, and systems engineered for the healthcare sector.

If developers and manufacturers design products with more formidable cybersecurity built in, perform thorough penetration testing to uncover vulnerabilities, and execute more frequent software updates in response to criminals’ advances, they will add doses of imperative prevention.

Tax Credit Therapy

To help supplement the cost for research and development of more robust cyber protection, healthcare tech developers and manufacturers can draw on federal research and development (R&D) tax credits.

This fortifying tax incentive administers a dollar-for-dollar reduction in a company’s federal tax liability when the business performs activities associated with developing new or improved processes, products, techniques, inventions, or software.

Enhancements and software focused on improving cybersecurity certainly possess remarkable tax-saving potential.

The Road to Cybersecurity and Revenue Wellness

Hospitals want to provide the optimal patient experience, which includes the latest technological advances – that also opens prevalent opportunities for cyber invasion.

To maintain their patients’ happiness and health, providers must find a balanced regimen of technology and security – but they need medical device manufacturers and system providers to help - and they can prescribe a healthy dose of R&D tax credits to aid their efforts.

Manufacturers and system providers that would like to diagnose their maximum credit potential should call upon a tax specialist. As in the medical field, a specialist possesses the expertise to deliver the most accurate and helpful guidance.



What Can R&D Do For You?  Discover a practical approach to maximizing your federal research and  development tax credit. Download Guide

  1. Healthcare IoT requires stronger security strategies against cyberattacks, says Irdeto Research, IoTnews, 2019
  2. 5 Major Challenges Facing the Healthcare Industry in 2019, Medium Corporation, 2018
  3. 4 Healthcare Cybersecurity Stats That Will Raise Your Blood Pressure, CyberPolicy, 2019
  4. Cybersecurity Healthcare Data Breaches, By the Numbers, phoenixNAP, 2019
  5. How Evolving Healthcare Cybersecurity Threats Affect Providers, Health IT Security, 2019

Topics: R&D Tax Credit

Corporate Tax Incentives

Written by Corporate Tax Incentives

CTI is a tax incentives specialty firm that secures greater tax credits for businesses with our proven project methodology and unparalleled personalized service. For almost 20 years, our elite tax professionals have proactively engaged clients to deliver unmatched value with transparency and efficiency thorough secure in-house software, comprehensive audit-ready deliverables, and 24x7 access to real-time dashboards. We are tax consultancy experts passionate about maximizing credits and incentives for powering the success of your business.