LUGPA Policy Brief: Cybersecurity in Healthcare

On July 9, 2025, the Senate Health, Education, Labor and Pensions (HELP) Committee held a hearing titled “Securing the Future of Health Care: Enhancing Cybersecurity and Protecting Americans’ Privacy.” Lawmakers and expert witnesses called for urgent action to address a sharp rise in healthcare cyberattacks, especially those impacting independent and rural practices.

Key priorities included modernizing HIPAA to reflect new technologies such as AI and wearables, supporting small providers that lack adequate cybersecurity resources, and establishing a national privacy standard to replace the patchwork of state laws. Witnesses emphasized cybersecurity as a core patient safety issue, particularly relevant to independent groups like LUGPA members.

The Rising Threat to Independent Practices
In 2024, 92% of healthcare organizations experienced cyberattacks, with each facing an average of 40 incidents. Globally, the sector saw a 45% increase in attacks. Independent practices are especially vulnerable due to older systems and limited cybersecurity infrastructure.

Data Breaches on the Rise

Ransomware Disruption

Phishing and Human Error

Financial Strain and Downtime

System Weaknesses

LUGPA’s Cybersecurity Recommendations
LUGPA urges member practices to adopt the following best practices to reduce risk:

  1. Access Controls: Use multi-factor authentication and limit access to sensitive data.
  2. Encryption: Encrypt patient data during storage and transmission.
  3. Firewalls and Monitoring: Install firewalls and monitor network activity for threats.
  4. Data Backups: Regularly back up data to secure, off-site or cloud-based locations.
  5. Device and Software Management: Retire outdated equipment and apply timely software updates.
  6. Staff Training: Conduct regular training on phishing, social engineering, and data handling.
  7. Telehealth Security: Use HIPAA-compliant platforms and secure remote access protocols.

Conclusion
Cybersecurity is a growing threat to the stability and safety of independent medical practices. LUGPA supports federal efforts to simplify compliance through a national privacy standard and calls on its members to prioritize investments in cybersecurity infrastructure and education. As the healthcare system becomes increasingly digital, cybersecurity must be a central component in delivering high-quality urologic care.

For additional resources on enhancing cybersecurity in healthcare, visit LUGPA’s dedicated page: Improving Cybersecurity for Healthcare Providers.