Healthcare Organizations Should Not Follow Garmin's Breach Response

Healthcare organizations can learn from the current outage at Garmin about how not to respond during an IT security breach. Garmin connect service, a platform for Garmin's health and fitness trackers has been down for three days now.

This situation feels like the organization did not prepare ahead of time on a fundamental answer to a tough question. Do you pay the ransomware if an incident occurs? Organizations usually defer the answer to their cyber-insurance policy, or by the time a response is needed, the timing is too late.

A large academic medical center recently paid the ransom to have their data back quickly. Security professionals may not agree with the decision to settle. The organization had responded swiftly to recover operationally without impacting patient's lives.

Healthcare organizations must have ransomware payment discussion early to avoid system interruption for days. Key areas of focus for IT and security operations are:

  • Understanding the cyber insurance policy.

  • Testing backups regularly by actually restoring files.

  • Increase the organization's investment in cybersecurity awareness and training.

  • Business continuity is a team sport and priority for the organization.




  • Grey Facebook Icon
  • Grey Twitter Icon
  • Grey Instagram Icon

ABOUT David Chou

David Chou serves as the SVP/CIO for a public academic health system.  Chou has held executive roles with the Cleveland Clinic, Children's Mercy Hospital, University Of Mississippi Medical Center, AHMC Healthcare, and Prime Healthcare.  

David is a dynamic keynote speaker and industry commentator working with clients to transform their business models using technology. He has spoken around the world at healthcare tech-related conference including keynotes for leading industry events and intimate executive settings. Chou is also one of the most mentioned CIOs in the media and well quoted in outlets such as the Wall Street Journal, Modern Healthcare, HIMSS Media, ZDNet,, Huffington Post, and Becker's Healthcare.  David is an active member of both ACHE and HIMSS while serving on the board for CHIME. 



 Subscribe now to receive the new updates.