Written by Rich Murphy, Product Director - iatricSystems
Look back to 2020, and you’ll see that it was a record year for cyber breaches. The shift to working from home created new security gaps that most organizations weren’t prepared for. Match that with how reliant the healthcare industry is on internet-connected devices, telemedicine, and digital health records, and you’ll see how maintaining cybersecurity creates major roadblocks to improving patient care and organizational efficiency.
Check Point reports that healthcare accounted for 79% of all reported data breaches during the first ten months of 2020. Just in November, the number of weekly attacks on healthcare reached an average of 626 per organization.
Looking forward to 2021, Data Privacy Day is a wonderful opportunity to generate awareness about the importance of privacy, highlight simple ways to protect personal information, and remind organizations in all industries that privacy is good for business.
To help you celebrate Data Privacy Day on January 28, we’re sharing 5 key tips for protecting your personal information and offering insights into securing healthcare-related data to protect your employees, patients and organization as a whole.
1) Ready, Set, Update!
Having the latest security software, web browser and operating system is your best defense against viruses, malware and other online threats. This goes for your desktops, laptops, tablets and mobile phones too! Take the time to make sure everything is up to date on your personal and work devices. Bonus tip: This is also a great opportunity to back up important information and turn on automated updates.
2) Say Goodbye to Simple Passwords
NordPass listed the 200 most common passwords, and “123456” tops the list and takes less than a second to crack. Unfortunately, your username and password aren’t enough to protect your accounts. Instead, consider using a password generator to create unique passwords. Better yet, implement multi-factor authentication to verify logins for greater security.
3) When in Doubt, Don’t Click the Link
Whether in an email, tweet, online ad or attachment, don’t click links from unknown senders. Hackers use these malicious links to gain access to your network and potentially hold your data for ransom. If you come across something suspicious, don’t click it and alert your staff to do the same. Organizations can also send out phishing tests to employees to see who clicks the link and determine if more security training is needed.
4) Open Up Your Privacy & Security Playbook
You can’t expect staff to follow privacy and security best practices if they don’t know what those are or what to do. Your written security policy is there to educate employees and third parties about what’s expected of them to protect the organization. Now’s the time to review, update, and enforce it. If you need help or are starting from scratch, check out our eBook: How to Build Effective Privacy Policies and Procedures.
5) Know Who Has Access
Does everyone really need access to Jane Doe’s x-rays? No! And that’s a HIPAA violation. Internal breaches are just as harmful as outside threats. According to the Verizon 2020 Data Breach Investigations Report, 48% of healthcare breaches were caused by insiders. Make sure you regularly review access privileges to sensitive info for all employees and third parties, and make updates if necessary.
Data is at the heart of your healthcare organization. While cybercriminals will always try to steal it, we’ll continue to give our best with educational information, expertise and the solutions you need to protect it.