I think I want to stay in bed…Have you ever had one of those weeks when everything went wrong all week and every day was a Monday? The week of May 13 th was one of those weeks for IT and cybersecurity. As I was reading throughout the week, I found articles about:
The Two Tales of Remote Access Security: Protection from Hackers, and Meeting Regulatory Requirements.
It’s all over the news - a new healthcare breach here, a new healthcare IT study there, that talks about how healthcare IT security needs to be a focus in 2019. Yet, we are already seeing more breaches in 2019 than ever before.
All hospitals know that they need to have some form of security plan in place to protect patients and their information. The problem is that the changing requirements and increase in breaches means that this plan has to always be evolving. Hospitals likely have goals for what they would like to change in the future to make sure they are adapting to the ever-changing threat landscape.
I recently posted about Ten Best Practices to Mitigate Cybersecurity Threats that came from recommendations by the Health and Human Services publication, “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients.” That document addresses five cyber threats, with ten best practices for small to large healthcare organizations.
On October 27, 2015, Congress passed the Cybersecurity Information Sharing Act (CISA). Section 405 of CISA is specific to healthcare and charges Health and Human Services (HHS) with the responsibility of leading healthcare cybersecurity efforts, with the goal of keeping patient personal data secure.
Vendors always attempt to position themselves as a partner and a friend. The vendor relationship can sometimes get confusing and cause frustration around expectations, and one of those expectations is protecting data. So, the Vendor Relationship: BFFs? or Covered Entity and Business Associate?
It’s enough stress on CIOs and IT Directors to worry about a breach occurring in their own organization; but add to that stress the concern of being responsible as well, if a breach happens at one of their vendors. It can be overwhelming!
ECRI Institute recently announced their annual “Top 10 Health Technology Hazards for 2019.” If you keep abreast of Health Information Technology (HIT) news, you already know the number one risk: hackers can exploit remote access to systems, disrupting healthcare operations.
"The consequences of an attack can be widespread and severe, making this a priority concern for all healthcare organizations," said ECRI Health Devices Program Executive Director David Jamison. "In critical situations, this could cause harm or death."
The topic of security is on the minds of most healthcare IT professionals today. Securing remote access to your hospital's network is the deadbolt that helps protect your data. Most people don't leave their backdoor wide open, or expect that little doorknob lock to be secure, so why do most hospitals do the equivalent with their networks?
According to Frost & Sullivan, Artificial Intelligence systems are projected to be a $6 billion dollar industry by 20211. In fact, if you Google “artificial intelligence” and “patient privacy” you’ll get at least 35,000 results. There’s been a lot of hype in the media recently about artificial intelligence (AI) and whether or not it’s good or bad for patient privacy. No matter where you stand on the topic, there’s no doubt that AI is already helping privacy auditors save time. Read on to learn how…
Today I realized that in September of this year, I will have been in Healthcare IT for 28 years. During that period of time, I've performed a number of jobs and learned many different things. I've been in both technical and non-technical roles, in staff and leadership positions, and had the pleasure of working with some amazing people in many different states. The greatest lesson I have learned along my journey is that people are the most important aspect of any successful technology project.
On August 14th at 2:00 p.m. ET, join me for "How the Human Factor Impacts Patient Privacy," an educational webinar where I’ll discuss a number of breaches and show examples of how the human factor was ultimately the root cause. Use the link above to register to attend, and read the rest of this blog post for the background to set the stage.