Page Header


ShareThis Increase Font Size Decrease Font Size

CEO: Cybersecurity

February 14, 2024

Scott Thoreson, CCMH Chief Executive Officer

(Published as a Letter to the Editor in The Carrollton Democrat)

By Scott Thoreson, CCMH Chief Executive Officer

An item in the news that unfortunately happens all too often is that some business or organization has had their computer systems breached and as a result, they do not have access to their data. Even worse than this is that the hackers then have the ability to sell this data to other criminals. As a result, critical information such as name, social security number and date of birth become the baseline for having identities stolen and all the resulting problems for those impacted.

Healthcare is not immune to this traumatic situation, and in December 2023, the Liberty Hospital shared that their computer system had been breached and they were trying to do whatever they could to be able to see patients. The Liberty Hospital had to resort to utilizing paper records, transferring out patients to other hospitals and many other considerations and actions that might never be disclosed. It is common for these hackers to ask for a “ransom”, usually in some kind of digital currency. Supposedly, once a ransom is paid, the hospital is given an encrypted code to regain access to their data. What is not known is the extent to which this ransomed data is replicated and passed along for other nefarious purposes. In addition, the criminal hackers could just keep the payment and not release the data, even if the ransom is paid.

Other area hospitals have also become victims to these criminal hackers and have had to make decisions related to ransoms and sharing the news of these breaches to their patients regarding their general and health-specific information.

Carroll County Memorial Hospital has taken many steps and continues to take steps to do the best we can to minimize the possibility of our hospital being added to the long list of impacted hospitals that have had data breaches. We have our IT contractor review our systems and processes to provide recommendations on how to make our data safe. Our employees are expected to complete monthly educational exercises on computer system safety.

I know that my personal use of accessing sensitive data has changed over time. I do not use public Wi-Fi to connect with anything related to data that I would not want someone else to see, such as banking information or healthcare information. I change passwords regularly, and as requested, use “pass phrases” as much as I can to make it more difficult to hack into accounts. My wish for all of you is to be judicious with your personal information and stay vigilant to help prevent yourself from becoming a victim of a hacker. I would also encourage everyone to at least annually check with the major credit reporting agencies to review your own information. It is also possible to put a credit “freeze” on your accounts that inhibits others from trying to use information to create new credit in your name.

Thank you for the opportunity to continue to serve you. We frequently review our security measures and processes that we utilize to keep our patients’ data safe and secure. If you have a question you would like addressed in this column, please send it to I wish you good health!

More in this Series:

CEO: End of Year Reflections (Published December 29, 2023)

CEO: Coding Matters (Published November 22, 2023)

CEO: Maternity Care Desert (Published October 25, 2023)

CEO: Rural Emergency Hospitals (Published September 20, 2023)

CEO: Primary Care Provider (Published August 23, 2023)

CEO: Supply Shortages (Published June 28, 2023)

CEO: CCMH Named Top 20 Critical Access Hospital (Published June 14, 2023)

CEO: Hospital Week 2023 (Published May 3, 2023)

CEO: Prior Authorizations (Published April 5, 2023)

CEO: Staff Shortage and Open Positions (Published February 8, 2023)

CEO: End of Year 2022 (Published December 14, 2022)

CEO: Purpose of the Foundation (Published November 10, 2022)

CEO: Health Insurance Portability and Accountability Act (Published September 28, 2022)

CEO: CCMH Providers (Published August 24, 2022)

CEO: Financial Assistance (Published July 20, 2022)

CEO: Social Determinants of Health (Published June 29, 2022)

CEO: National Hospital Week (Published May 11, 2022)

CEO: Why Healthcare is Expensive (Published May 4, 2022)

CEO: A Hospital is Still a Business (Published March 16, 2022)

CEO: Different Types of Hospital Ownership (Published February 1, 2022)

CEO: Holiday Message (Published December 20, 2021)