Written by Rich Murphy, Product Director - iatricSystems
The iatricSystems Fall Exchange addressed various healthcare IT challenges covering topics such as privacy and security, clinical improvements and report writing. As we continue this blog series, you’ll learn key points and insight from industry experts and their discussions with healthcare leaders. You can also access all of the recorded privacy and security sessions here.
Combating the Rise of Ransomware Attacks
It’s difficult to ignore the constant headlines of major hospital systems experiencing cyber breaches and ransomware attacks. Microsoft recently reported an alarming uptick of ransomware attacks, noticing an increase in intensity and frequency.
Ransomware claims a new victim every 10 seconds causing significant disruptions to business operations. While organizations continue to get DHS and FBI alerts about the latest threats, specifically, it seems that humans continue to be the greatest vulnerability to healthcare networks.
In the Fall Exchange session, The Evolving Environment of Privacy and Security, Chief Technology Officer at Franciscan Health, Chuck Christian discussed how security threats and risks forced his team to think, work, and interact with other departments in new ways.
When it comes to the people aspect of security, he said, "We have to continue to educate our staff. Be diligent, not be complacent. We can’t think that everybody is going to do the right thing. We just have to remind them what the right thing is along those [security] lines."
One way hospitals can make sure everyone is on the same page is to ensure policies, procedures, and training methods are up-to-date and effective against preventing disruptive attacks. Most experts recommend reviewing policies annually, but it’s also a good idea to implement annual training for your staff to ensure they’re following security guidelines. Check out this ebook for some privacy policy guidance.
Chuck also noted that vendor remote access has “always caused me to lose sleep in the evenings because most vendors think that they should have unfettered access to your network.”
Just this year, the HHS tally shows 170 breaches, affecting nearly 12.9 million individuals, were reported as involving a business associate. The reality is that every user doesn’t need access to everything within your system. This leaves too many security gaps, and oftentimes vendor access is an easy entryway for cybercriminals to get into your network.
Through his own experiences and conversations with other hospitals, Chuck urges organizations to set up permissions based on the individual users, and what they truly need to access based on their titles and duties. For more information about how to help with your remote access strategy, check out this video.
Above all, Chuck explains that the best way to proactively prevent cyberattacks and ransomware is to get the entire organization working towards the goal of ultimate security – it’s not up to a single person or a single department; everyone must be diligent and do their part.
As security continues to be a top initiative for healthcare organizations, we’ll continue to drive insightful conversations that can truly help everyone create a more secure environment to protect organizations and their patients.
During the Fall Exchange, we also shed light on the current state of healthcare privacy and security, the impact of remote access, and artificial intelligence innovations. You can access all of the session recordings to watch on-demand.
Feel free to contact us at info@iatric.com if you have any questions or would like to learn more about our portfolio of security and patient privacy solutions.
