Events Calendar

Mon
Tue
Wed
Thu
Fri
Sat
Sun
M
T
W
T
F
S
S
26
27
28
29
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

Events

Articles

6 Ways Healthcare Facilities Can Address Cybersecurity Threats

cybersecurity

6 Ways Healthcare Facilities Can Address Cybersecurity Threats

Healthcare institutions are responsible not only for the physical health of patients but for their personal data. The Health Insurance Portability and Accountability Act requires facilities to guard the confidentiality of protected health information, which includes contact information as well as medical records, and imposes penalties on entities that fail to do so. Data breaches can be costly not only in terms of fines and reparations to affected patients but to reputation.

Not only that, but a cyberattack can also affect doctors’ and hospitals’ ability to provide care to patients. Like almost every other industry, health care facilities now rely heavily on computers and other internet-connected devices. While these are convenient, they also increase vulnerability to cyberattack. The last few years have seen the rise of ransomware, a type of malicious software that encrypts all the records in a system with a message that the creator of the malware will only reverse the encryption upon receiving a hefty payment. With the system inaccessible, it becomes difficult, if not impossible, for doctors to perform imaging studies and surgeries, even on critically ill patients.

Cybersecurity for healthcare facilities is therefore a life-and-death matter. While 92% of organizations that operate such facilities are confident in their ability to respond appropriately to an online attack, it never hurts to perform an audit and look for ways to improve.

1. Control Access to PHI

No one should have the ability to view protected health information unless he or she has a reason to see it. Therefore, access in the form of passwords and clearance should never be provided to unauthorized personnel. Systems should have different types of authentication in place to prevent unauthorized access from either inside or outside the facility, whether on purpose or by accident.

2. Protect Connected Devices

Any portable electronic device used to store, access, or share patient information with authorized personnel should be carefully protected, including devices such as tablets, smartphones, and laptops. This means cybersecurity measures, such as antivirus software and firewalls, but it also involves physical safeguards. For example, all such devices should be password protected and encrypted in case they fall into the wrong hands.

3. Use Strong Passwords

People often create weak passwords, or just keep the defaults, because they are easier to remember. However, these are easier for unauthorized personnel to figure out. Therefore, they do not provide adequate protection. Employees of a healthcare facility should receive instruction on how to create a strong password, what to do with the password once created, and how often to switch to a new password. Weak passwords are responsible for over half of all healthcare data breaches.

4. Maintain Antivirus Software

Those who launch cyberattacks are always looking for vulnerabilities in antivirus software that they can exploit. Therefore, the software is not something that a healthcare facility can just install once and then forget about. To provide adequate protection, it requires occasional updates so that it is ready to meet and defend against the most recent threats.

5. Prepare for the Unexpected

Despite the best efforts of the facility’s management and staff, data breaches and other cyberattacks may happen occasionally. Health care organizations can mitigate the damage done by backing up all files and records in a system separate from the main network in case of a ransomware attack. This means that the information will be accessible and patients can receive the care they need when they need it.

6. Limit Network Access

Do not allow just anyone to install applications or software on computers and other devices connected to the system. Require that they receive the permission from the proper organizational authorities first.

Rarely, if ever, do health care employees or management intentionally cause a data breach or leave the system vulnerable to cyberattack. Rather, it is the result of thoughtlessness or carelessness. Nevertheless, the consequences are significant for the patients and the facility alike. Facilities should be diligent about fostering a culture of security among all staff members.

HIMSS Special Part 1: HIT Visionary Zach Fox
Check out industry insight from HIT visionary and DrFirst Executive VP and GM, Zach Fox. Visit DrFirst at HIMSS Booth 6232.
We respect your privacy. Your information is safe and will never be shared.
Don't miss out. Subscribe today.
×
×
WordPress Popup
HIMSS Special Part 1: HIT Visionary David Lareau
Check out industry insight from HIT visionary and Medicomp CEO, David Lareau. Visit Medicomp at HIMSS Booth 3421
We respect your privacy. Your information is safe and will never be shared.
Don't miss out. Subscribe today.
×
×
WordPress Popup
casipoldiyarbetetabetetabetw88w88w88betfokusbetfokuslordbahisparobetparobetbuzbahisbullbahiscasino sérieuxcasino sérieuxcasino sérieuxcasino sérieuxcasino en ligne populairemeilleur site de jeux casino en lignemeilleur site de jeux casino en lignecasino en ligne en francecasino en ligne en francecasino en ligne de confiancebetbinanstwinplayistanbulbahisistanbulbahisistanbulbahisparis sportifs hors arjelonwin üyeliksahabet üyelikrestbet girişpulibetsüperbetinbtcbahiscanlı casino sitelerionline casino1xbet mobilligobet mobilcapitolbetmostbet üyelikbizbet üyelikgobahis girişmatbet girişikimisli girişbordobet girişbetcio girişalfabahisalfabahisbetgoowinxbetwinxbetwinxbetwinxbetbetkanyontaksimbetrexabetrexabetrexabetenobahisbookmaker hors arjelparis sportifs en Italieparier sur les cornersparier sur le nombre de tirsmystake chickenparis hippiques en ligneplinko francecasino diceBetzinoVasyCbetCasino Lucky8betkanyonbetkanyontaksimbettaksimbettaksimbettaksimbetbetistbetistbetistenobahisenobahisenobahisbetkolikbetkoliksmartbahissmartbahissmartbahistrendbettrendbetgamabetgamabetgamabetgamabetaspercasinoaspercasinoaspercasinonisanbetnisanbetnewbahismelbetonbahisbetonredbetonredromabettipobettipobetefes casinobetandreasfixbetbetbababetbababuzbahisbuzbahisbullbahisbullbahisbetsofbetsofall right casinokombinebetbetbinansbetbinansbetbinansmaksatbahisbetbabaorisbetorisbetbizimbahissiyahbethayalbahishayalbahishilbetsantosbettingsantosbettingsantosbettingsantosbettingnerobetnerobetswordbetswordbetswordbetinbahislevabetlevabetlevabetcasiveracasiveracasiverakordonbetkareasbetprincessbetkikbetkikbetkikbetbetmarketbetmarketbetmarketyapbahsinibetingoasyabahishipercasinocasinoperbahisnowsüpertotobetalibahisfaulbetfaulbetrelaxbahisbetingoasyabahiscasinopercasinoperbahisnowbahisnowpiyasabetpiyasabetyonjabetcasinoslotbetibombetibomredwin