To The Point – Cybersecurity

Episode: How Cybersecurity Impacts Patient Care in Hospitals with Christian Dameff (Part 2)

Date: November 25, 2025
Host: Rachael Lyon
Co-host: Jonathan Knepher
Guest: Dr. Christian Dameff (Medical Director of Cybersecurity, UC San Diego Health)

Episode Theme

This episode continues the urgent discussion on how cybersecurity directly affects patient outcomes in hospitals, focusing particularly on the real-world impacts of ransomware attacks on healthcare delivery. Dr. Christian Dameff shares research data, stories from patients, and details ongoing efforts to bolster clinical resilience, while also probing the sector’s vulnerabilities and ways professionals can prepare for hybrid roles blending medicine and cybersecurity.

Key Discussion Points & Insights

1. Ransomware’s Tangible Impact on Patient Outcomes

• Dr. Dameff shares compelling findings: during a ransomware attack’s peak, the rate of patients recovering from cardiac arrest with meaningful neurological outcomes dropped from 45% to just 4.5% – a tenfold decrease.

  • Quote [01:23]:

    “4.5% of our patients were able to come back from a cardiac arrest with a meaningful neurologic outcome. That’s a tenfold decrease. Just because there was a ransomware attack around us—we weren’t even ransomed.”

• Further research (by Dr. Hanana Prash) shows a 30% higher chance of dying in a hospital under ransomware attack.

• Dameff stresses that measurable and visible impacts are just “the tip of the iceberg”; many harms remain undetected due to lack of research and measurement tools.

2. Capturing the Personal Toll of Cyber Incidents

• Dr. Isabelle Straw (UCSD) collated thousands of Reddit posts and scientific literature documenting “cyber harms” to patients.
  • The open-access “Cypher” platform presents real patient stories, highlighting delays in cancer diagnoses, inability to fill critical psychiatric medications, and overall emotional anguish:
    • Quote [03:57]:

      “You’re going to just be so saddened and honestly shocked at how widely cyber attacks like ransomware can impact patients’ lives.”

3. Practical Advice for Patients & Families

• If you have a medical emergency, always seek care, even during a cyberattack.

• Dameff recommends maintaining non-digitized records (medications, history) to help doctors if systems are down.

• Patients should expect manual or paper processes and plan for communication challenges with pharmacies and primary care.

  • Quote [05:04]:

    “Empower yourself... The more you can rely on manual, paper processes to continue your care and communicate those things, that’s going to help you.”

4. Building Clinical Ransomware Playbooks (“The Tome”)

• Most hospitals have a technical incident response plan, but lack clinical guidance for care continuity.
• Dameff’s team is developing an open-source, internationally adaptable “clinical ransomware playbook” for clinicians—written in plain language and tailored for specific specialties.
  • Quote [07:02]:

    “We’re making this giant book of ransomware clinical playbooks that clinicians... are going to read... It’s going to be like: ‘You have a patient that’s laboring, you may not have monitors. This is what you should do.’... This is a big gap we’re hoping to fill.”

• The “Tome” aims for global adoption and iterative improvement by clinicians everywhere.

5. Rapid-Deploy Hospital IT Systems – “Cyber Response Vans”

• Dameff’s team tested mobile IT systems (in a van) able to equip ransomed hospitals within an hour:

  • Contains hardened laptops, cellular/satellite connectivity (Starlink, private cell towers), necessary lab and radiology equipment.

  • Has successfully simulated deployments for a 20-bed ER in as little as 34 minutes.

  • Quote [12:49]:

    “From the time we opened the back of the truck to when our full system was deployed, it was 34 minutes.”

• The concept aims to bridge the unsafe gap when hospitals shift to paper during prolonged outages.

• Next steps: scaling for larger hospitals, addressing legal regulation, and exploring nationwide/federal “disaster response” roles.

6. Critical Infrastructure & The Problem of Unknown Dependencies

• Historic dependencies make hospitals vulnerable—there’s no “going back” from electronic health records, since they’re now central to reimbursement and operations (per the 2009 HITECH Act).
• The Change Healthcare ransomware attack illustrated the fragility: a single vendor’s outage disrupted prescriptions, payments, and care across the US.
• Dameff calls for advanced, real-time dependency mapping for healthcare IT:
  • Quote [18:25]:

    “We need to do deep dependency mapping... Whiteboards aren’t enough. We need better ways to find the most important linchpins, secure them first, because the consequences are national healthcare failures.”

7. On Entering the Field: Blending Medicine and Cybersecurity

• Dameff counsels that both medicine and cybersecurity are high-stress careers and combining the two should be done thoughtfully.

• He suggests starting with cybersecurity knowledge, then pursuing medicine, given the intensive requirements of medical training.

  • Quote [22:15]:

    “Cyber first... Once you commit to the healthcare side of it, it’s 100% of your life—studying for 10-plus years—and you can’t really do it the other way around.”

Notable Quotes & Memorable Moments

• On Patient Outcomes in Crises [01:23]:

  “That’s like a tenfold decrease. That’s tenfold decrease. Just because there was a ransomware attack around us, we weren’t even ransomed.” – Dr. Christian Dameff

• On the Hidden Cost to Patients [03:57]:

  “Once you go to this website and you start reading some of these Reddit posts... you’re going to just be so saddened and honestly shocked at how widely cyber attacks like ransomware can impact patients’ lives.” – Dr. Christian Dameff

• On Empowering Patients [05:04]:

  “Have your medical records in a non-digitized form... Empower yourself...” – Dr. Christian Dameff

• Describing the “Tome” Playbook [07:02]:

  “We’re making this giant book of ransomware clinical playbooks... It’s going to be a lot of ‘You have a patient that’s laboring, you may not have monitors, this is what you should do.’” – Dr. Christian Dameff

• On “Cyber Response Vans” [12:49]:

  “Our record is 34 minutes. So from the time we opened the back of the truck to when our full system was deployed, it was 34 minutes.” – Dr. Christian Dameff

• On Healthcare’s Systemic Vulnerability [18:25]:

  “We need deep dependency mapping. We need to do it more than what we do right now, which is just a whiteboard... the consequences are national healthcare failures.” – Dr. Christian Dameff

• Choosing a Hybrid Career [22:15]:

  “If you really still want to do it, my encouragement would be: definitely work on the cyber component first... you can’t really do it the other way around.” – Dr. Christian Dameff

Timestamps for Key Segments

• [00:58] – Ransomware’s clinical impact statistics
• [03:10 – 04:30] – “Cypher” platform, stories from affected patients
• [05:04] – Advice for patients during cyber incidents
• [07:02] – Clinical ransomware playbook (“The Tome”) initiative
• [10:28 – 13:09] – The “cyber response van” project
• [16:04] – Systemic dependency risks, the Change Healthcare incident
• [20:34] – Career advice for healthcare cybersecurity aspirants

Conclusion

This episode offers a sobering yet actionable look at the real-world consequences of healthcare cyberattacks, showing how they ripple far beyond IT into life-or-death situations. Dr. Dameff provides hope through emerging resources—like clinical playbooks and mobile IT deployments—while candidly discussing the systemic dependencies that make healthcare a perennial soft target. As the episode closes, listeners get practical advice for both personal preparedness and career aspirations in this critical, high-stakes field.

For further resources, check out the Cypher platform and stay tuned for the release of the “clinical ransomware playbook.”