An Unhealthy Truth: We Need to Improve Healthcare Cybersecurity
05.13.2020 | Soliton Blog
Did you know there's a cyber hacker attack every 39 seconds? Cyber-attacks have grown every year, and now more than ever, it's essential to make sure you have cybersecurity to combat them.
Healthcare cybersecurity is especially important because of all the personal health records that hospitals hold on their computers. Keep reading, and we will walk through why we need to improve healthcare cybersecurity.
We need to improve healthcare cybersecurity because attacks have gone up every year. The healthcare industry has become a prime target. Data breaches cost the healthcare industry around $5.6 billion every year.
In 2018, hackers stole 15 million patient's personal health information.
Personal health information (PHI) and HIPPA compliance are two known phrases in the healthcare world. HIPPA requires the protection of a patient's personal health information. It's the job of the hospital or healthcare provider to protect this information.
There has been little investment in cybersecurity. This creates a higher risk for data breaches. Cyber attackers have become more sophisticated and harder to track or detect.
Hackers can break into a system in a few seconds or minutes, but it takes weeks or months to contain the breach. It takes time to put systems in place to prevent this attack from happening again.
The healthcare industry needs to improve cybersecurity because it has become a prevalent problem that isn't going to go away. You need to take action now with the help of your health IT security team and attacks every day to keep a patient's information secure.
How Can We Improve Healthcare Cybersecurity?
There are many ways healthcare can improve cybersecurity.
We are going to go through a few ways to improve hospital cybersecurity that the healthcare industry can use as a model or starting point.
Training and Awareness
Phishing attacks targeted at healthcare professionals are on the rise. During a public health emergency, these attacks only increase. It's essential to make your employees aware of what a phishing attack is and what steps they should take if they think they received one.
For example, you could have your health IT security team create fake phishing emails. Then, send them out to your employees on a routine basis after their training.
The testing will train them to look for these emails. Then you can create a process that they should not click on anything or download files in these emails and forward them straight to IT. You can even create an incentive if someone catches a lot of these practice emails.
Anti-Virus and Anti-Malware Software
Make sure you have your anti-virus and malware software up to date. Turn on automated updates for virus software. If your employees have computers that they take outside of the hospital, make sure they do the same.
For your employee and patient portals, add another step people have to complete before they can get into their account.
You are taking a step beyond having a username and password. You could use a system that requires a code texted to the employee or patient's phone or sent to their email. Then they have to enter the code before they sign in as an example.
It's time to get your hospital or provider on track with healthcare cybersecurity.
Now more than ever it's important to keep patient information safe and get your health IT team prepared to protect your data. The more remote medicine is the more vulnerability to threats to cyberattack grow.
Start your employee cybersecurity training program today and learn more about Soliton SecureDesktop.