Events Calendar

Today
Mon
Tue
Wed
Thu
Fri
Sat
Sun
M
T
W
T
F
S
S
29
30
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
1
2
A Behavioral Health Collision At The EHR Intersection
A Behavioral Health Collision At The EHR Intersection
2014-09-30    
2:00 pm - 3:30 pm
Online
Date/Time Date(s) - 09/30/2014 2:00 pm Hear Why Many Organizations Are Changing EHRs In Order To Remain Competitive In The New Value-Based Health Care Environment [...]
More Info
Meaningful Use and The Rise of the Portals
Meaningful Use and The Rise of the Portals
2014-10-02    
12:00 pm - 12:45 pm
Online
Meaningful Use and The Rise of the Portals: Best Practices in Patient Engagement Thu, Oct 2, 2014 10:30 PM - 11:15 PM IST Join Meaningful [...]
More Info
Adva Med 2014 The MedTech Conference
Adva Med 2014 The MedTech Conference
2014-10-06    
All Day
McCormick Place
Adva Med 2014 The MedTech Conference October 6-8, 2014 McCormick Place Chicago, IL For more information, visit, advamed2014.com For Registration details, click here  
More Info
Public Health Measures Meaningful Use
Public Health Measures Meaningful Use
2014-10-09    
12:00 pm - 12:45 pm
Online
Public Health Measures Meaningful Use: Reporting on Public Health Measures Join Meaningful Use expert Jim Tate for a three part series of webinars addressing MU [...]
More Info
2014 Hospital & Healthcare I.T. Conference
2014 Hospital & Healthcare I.T. Conference
2014-10-13    
All Day
Hyatt Regency O'Hare
Join us at our 2014 Hospital & Healthcare I.T. Conference and experience the following: Up to 125 Hospital & Healthcare I.T. executives from America’s most prestigious [...]
More Info
Connected Health Care 2014
Connected Health Care 2014
2014-10-14    
All Day
Courtyard by Marriott San Diego Airport/Liberty Station
Key Trends That will be Discussed at the Conference! Connected Healthcare 2014 is set to explore the crucial topics that are revolutionizing the connected health industry: [...]
More Info
HealthTech Conference
HealthTech Conference
2014-10-14    
All Day
San Mateo County Event Center
HealthTech Capital is a group of private investors dedicated to funding and mentoring new "HealthTech" start ups at the intersection of healthcare with the computer [...]
More Info
Health Informatics & Technology Conference (HITC-2014)
Health Informatics & Technology Conference (HITC-2014)
2014-10-20    
All Day
Baltimore, USA
Information technology has ability to improve the quality, productivity and safety of health care mangement. However, relatively very few health care providers have adopted IT. [...]
More Info
HIMSS Amsterdam 2014
HIMSS Amsterdam 2014
2014-10-20    
12:00 am
Hotel Okura Amsterdam
About HIMSS Amsterdam 2014 This year, the second annual HIMSS Amsterdam event will be taking place on 6-7 November 2014 at the Hotel Okura. The [...]
More Info
Patient Portal Functionality and EMR Integration Demonstration
Patient Portal Functionality and EMR Integration Demonstration
2014-10-22    
2:00 pm - 3:30 pm
Online
This purpose of this webcast is to present a demonstration to show how the Patient Portal integrates with EMR, as well as discuss how this [...]
More Info
Connected Health Symposium 2014
Connected Health Symposium 2014
2014-10-23    
All Day
Boston Seaport Hotel & World Trade Center
Symposium 2014 - Connected Health in Practice: Engaging Patients and Providers Outside of Traditional Care Settings Collaborating with industry visionaries, clinical experts, patient advocates and [...]
More Info
CHIME College of Healthcare Information Management Executives
CHIME College of Healthcare Information Management Executives
2014-10-28 - 2014-10-31    
All Day
JW Marriott San Antonio Hill Country
The Premier Event for Healthcare CIOs Hotel Accomodations JW Marriott San Antonio Hill Country 23808 Resort Parkway San Antonio, Texas 78761 Telephone: 210-276-2500 Guest Fax: [...]
More Info
The Myth of the Paperless EMR
The Myth of the Paperless EMR
2014-10-29    
2:00 pm - 3:00 pm
Online
Is Paper Eluding Your Current Technologies; The Myth of the Paperless EMR Please join Intellect Resources as we present Is Paper Eluding Your Current Technologies; The Myth [...]
More Info
Events on 2014-09-30
A Behavioral Health Collision At The EHR Intersection
A Behavioral Health Collision At The EHR Intersection
30 Sep 14
Online
Events on 2014-10-02
Meaningful Use and The Rise of the Portals
Meaningful Use and The Rise of the Portals
2 Oct 14
Online
Events on 2014-10-06
Adva Med 2014 The MedTech Conference
Adva Med 2014 The MedTech Conference
6 Oct 14
Chicago
Events on 2014-10-09
Public Health Measures Meaningful Use
Public Health Measures Meaningful Use
9 Oct 14
Online
Events on 2014-10-13
2014 Hospital & Healthcare I.T. Conference
2014 Hospital & Healthcare I.T. Conference
13 Oct 14
Rosemont
Events on 2014-10-14
Connected Health Care 2014
Connected Health Care 2014
14 Oct 14
San Diego
HealthTech Conference
HealthTech Conference
14 Oct 14
San Mateo
Events on 2014-10-20
Health Informatics & Technology Conference (HITC-2014)
Health Informatics & Technology Conference (HITC-2014)
20 Oct 14
West Lake, Los Angeles
HIMSS Amsterdam 2014
HIMSS Amsterdam 2014
20 Oct 14
Amsterdam
Events on 2014-10-22
Patient Portal Functionality and EMR Integration Demonstration
Patient Portal Functionality and EMR Integration Demonstration
22 Oct 14
Online
Events on 2014-10-23
Connected Health Symposium 2014
Connected Health Symposium 2014
23 Oct 14
Boston
Events on 2014-10-28
CHIME College of Healthcare Information Management Executives
CHIME College of Healthcare Information Management Executives
28 Oct 14
San Antonio
Events on 2014-10-29
The Myth of the Paperless EMR
The Myth of the Paperless EMR
29 Oct 14
Online
Articles

6 Ways Healthcare Facilities Can Address Cybersecurity Threats

October 12, 2020
cybersecurity

6 Ways Healthcare Facilities Can Address Cybersecurity Threats

Healthcare institutions are responsible not only for the physical health of patients but for their personal data. The Health Insurance Portability and Accountability Act requires facilities to guard the confidentiality of protected health information, which includes contact information as well as medical records, and imposes penalties on entities that fail to do so. Data breaches can be costly not only in terms of fines and reparations to affected patients but to reputation.

Not only that, but a cyberattack can also affect doctors’ and hospitals’ ability to provide care to patients. Like almost every other industry, health care facilities now rely heavily on computers and other internet-connected devices. While these are convenient, they also increase vulnerability to cyberattack. The last few years have seen the rise of ransomware, a type of malicious software that encrypts all the records in a system with a message that the creator of the malware will only reverse the encryption upon receiving a hefty payment. With the system inaccessible, it becomes difficult, if not impossible, for doctors to perform imaging studies and surgeries, even on critically ill patients.

Cybersecurity for healthcare facilities is therefore a life-and-death matter. While 92% of organizations that operate such facilities are confident in their ability to respond appropriately to an online attack, it never hurts to perform an audit and look for ways to improve.

1. Control Access to PHI

No one should have the ability to view protected health information unless he or she has a reason to see it. Therefore, access in the form of passwords and clearance should never be provided to unauthorized personnel. Systems should have different types of authentication in place to prevent unauthorized access from either inside or outside the facility, whether on purpose or by accident.

2. Protect Connected Devices

Any portable electronic device used to store, access, or share patient information with authorized personnel should be carefully protected, including devices such as tablets, smartphones, and laptops. This means cybersecurity measures, such as antivirus software and firewalls, but it also involves physical safeguards. For example, all such devices should be password protected and encrypted in case they fall into the wrong hands.

3. Use Strong Passwords

People often create weak passwords, or just keep the defaults, because they are easier to remember. However, these are easier for unauthorized personnel to figure out. Therefore, they do not provide adequate protection. Employees of a healthcare facility should receive instruction on how to create a strong password, what to do with the password once created, and how often to switch to a new password. Weak passwords are responsible for over half of all healthcare data breaches.

4. Maintain Antivirus Software

Those who launch cyberattacks are always looking for vulnerabilities in antivirus software that they can exploit. Therefore, the software is not something that a healthcare facility can just install once and then forget about. To provide adequate protection, it requires occasional updates so that it is ready to meet and defend against the most recent threats.

5. Prepare for the Unexpected

Despite the best efforts of the facility’s management and staff, data breaches and other cyberattacks may happen occasionally. Health care organizations can mitigate the damage done by backing up all files and records in a system separate from the main network in case of a ransomware attack. This means that the information will be accessible and patients can receive the care they need when they need it.

6. Limit Network Access

Do not allow just anyone to install applications or software on computers and other devices connected to the system. Require that they receive the permission from the proper organizational authorities first.

Rarely, if ever, do health care employees or management intentionally cause a data breach or leave the system vulnerable to cyberattack. Rather, it is the result of thoughtlessness or carelessness. Nevertheless, the consequences are significant for the patients and the facility alike. Facilities should be diligent about fostering a culture of security among all staff members.

Post Views: 335
Tags