B2B Healthcare Procurement Has a Growing Hacking Problem

B2B supply chains are the unsung hero of global commerce. Their importance only grows when it comes to critical industries like healthcare, where life-saving supplies and materials are the goods being transported along the procure-to-pay cycle.

But with the news this week that a 30-year old healthcare supply chain system in the U.K., one that handles over $5 billion of annual spend for the NHS, has been continually attacked by bad actors, strengthening their procurement processes and supply chain resilience is becoming increasingly top of mind for B2B leaders.

Per a court filing, the NHS supply chain relies on a decades-old computer system called RESUS. In the 11 months prior to November 2024, RESUS had suffered from 35 of the highest priority “P1” alerts. One of those alerts resulted in 17,000 warehouse order lines not being picked and “consequent delays which affected the shipping of those products to hospitals.”

The NHS incident is just one example of a broader global issue. Healthcare’s rapid digital transformation has brought remarkable efficiencies and innovations to patient care. However, it has also opened the door to cyberattacks that can disrupt the delicate logistics of medical supply chains.

As hospitals increasingly rely on digital systems to manage everything from inventory to supplier communications, a single breach can have widespread consequences. These threats are not hypothetical; they are happening now and with increasing frequency.

Read more: From Outdated to Automated: UK Eyes Massive Healthcare Transformation

Medical procurement systems can be particularly vulnerable because they involve a complex web of suppliers, manufacturers, and logistics providers. Each link in this chain is a potential entry point for hackers. A breach at a single supplier can cascade through the system, disrupting the flow of critical supplies such as medications, medical devices and personal protective equipment.

Many procurement systems were never designed with cybersecurity in mind, and as threats evolve, these systems struggle to keep up.

While delayed shipments might seem like a logistical problem, in healthcare, logistics directly translate to patient outcomes. Delays in the supply of essential equipment or medications can jeopardize treatment schedules, affect surgical procedures and hinder emergency responses.

“Every single day doctors are buying from the major brands like McKesson, Henry Shine, AbbVie, all these folks, and oftentimes they’re doing it manually through a salesperson who comes to their office and sends them an invoice … it gets very jumbled up and the process is obscure,” Jonathan Chen, founder and CEO of Nitra, told PYMNTS CEO Karen Webster last year.

As PYMNTS Intelligence found in a report done jointly with Citi, “The Impact of Misunderstood Treasurers in Healthcare,” 44% of healthcare treasurers say their cash flows are predictable. That leaves a majority, at 56%, of treasurers who say that their cash flows are unpredictable.

Read more: Healthcare Delivery Models Have Changed, Why Haven’t Payment Processes?

The NHS supply chain incident serves as a stark reminder of the cybersecurity challenges facing healthcare procurement systems. After all, the latest PYMNTS Intelligence revealed that the healthcare industry’s payment technology is outdated compared to other fields. As of 2024, just over 1 in 2 healthcare executives (54%) believe their organizations’ technology is sufficient.

“There’s a lot of admin work that needs to be done [in healthcare] because it’s so regulated,” Nelly Co-founder and CEO Niklas Radner told Webster in a PYMNTS interview posted Feb. 3.

Still, while meeting regulatory standards is a good start, organizations may still need to go beyond compliance to build a truly resilient supply chain.

As the industry continues to digitize, securing procurement and vendor systems should be viewed as among the top priorities for success. Fortunately, by leveraging advanced technologies, adhering to regulatory frameworks and fostering industry-wide collaboration, the healthcare sector can build a more resilient and secure supply chain.

Artificial intelligence (AI) and machine learning (ML), for example, are increasingly being deployed to monitor supply chain activities for unusual patterns. These technologies can help to flag potential threats before they become breaches, offering a proactive approach to cybersecurity.

In an interview with PYMNTS last year, Big Data Healthcare (a wholly owned subsidiary of Fifth Third Bank) President and Co-founder Dean Puzon said, “Automation can significantly transform the payment reconciliation process in healthcare,” adding that the future of healthcare payments is defined by the benefits of automation, artificial intelligence and data-driven innovations.

For all PYMNTS B2B coverage, subscribe to the daily B2B Newsletter.

The post B2B Healthcare Procurement Has a Growing Hacking Problem appeared first on PYMNTS.com.