<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=522217871302542&amp;ev=PageView&amp;noscript=1">

5 Security Solutions Everyone in the Healthcare Industry Should Be Using

Posted by Amber Langdon on Jul 12, 2017 10:00:00 AM
Amber Langdon

Security is especially essential for healthcare organizations, as they are a top target for cyberattacks. Healthcare records can sell for up to ten times more than a credit card number, making them a very popular mark for cyber criminals. Additionally, the Health Insurance Accountability and Portability Act (HIPAA) require healthcare organizations to protect the privacy of their patient information.

To help your customers in the healthcare industry protect their data, review their cyber security systems, and ensure they incorporate all five of these security measures.

1. Backup Software

Backup software should be used at all healthcare organizations. If your customers’ systems are infected with ransomware and have backups installed, the files will be safe – considering paying the ransom will not be required. It’s essential that the backup is run daily and there are various backup solutions, both on premise and in the cloud. WannaCry ransomware recently infected tens of thousands of computers and forced many healthcare organizations to turn away patients because they could not access their systems. According to Forbes, WannaCry also caused the first known instance of ransomware directly affecting the operation of a medical device. If these organizations had backup software in place, they would have been able to serve their patients.

2. Endpoint Protection 

Every healthcare organization must have endpoint protection to help prevent the numerous ransomware attacks they battle. An estimated 54 percent of emails received by a healthcare organization are spam, making endpoint protection essential to protect against known and unknown threats. Symantec recently reported that they “blocked 22 million WannaCry infection attempts across 300,000 endpoints.”

3. Firewall

According to the Sans Institute, the firewall is one of the seven hardware devices “of the highest concern and applicability to HIPAA security regulations for systems certification and accreditation.” As the barrier between a healthcare organization’s valuable data and outside threats, the firewall follows an established set of rules and blocks outside information that seems malicious. A healthcare organization should frequently monitor their firewall to ensure it’s configured properly.

4. Encryption

All healthcare companies should have encryption on all devices, due to the large amount of patient data their systems contain. File and disk encryption will protect confidential data stored on a healthcare organization’s computers. With whole disk encryption, a password will be required each time the user turns on their device, and is an extra barrier if a laptop is lost or stolen. After a laptop containing patient data was stolen from a Children’s Hospital of Los Angeles physician, the hospital had to notify 3,600 patients that their information may have been compromised. Encryption would prevent a thief from logging into a stolen computer and accessing confidential information.

5. Security Awareness Training

Hospitals are hit with 88 percent of all ransomware attacks, and data breaches cost America’s hospitals roughly $6 billion a year, according to security firm KnowBe4. 91 percent of the damaging data breaches started with a spear phishing attack. Security awareness training allows companies to deploy simulated phishing attacks to their users and train them on how to handle the threats they face every day. A Missouri hospital was recently hit by a W-2 phishing scam, and an employee provided the cybercriminal with current and previous employees’ W-2s. Additionally, security awareness training is a HIPPA requirement.

For more information on security solutions for your healthcare customers, contact a member of the Tech Data Security and Information Management team today at securityservices@techdata.com or 800-237-8931, ext. 73246.

Sources:

http://www.beckershospitalreview.com/healthcare-information-technology/15-latest-healthcare-data-breaches-security-incidents.html

http://www.businessnewsdaily.com/9391-computer-encryption-guide.html

https://flipboard.com/@forbes/-medical-devices-hit-by-ransomware-for-t/f-e50a20fd24%2Fforbes.com

http://hitinfrastructure.com/news/using-firewalls-to-strengthen-healthcare-network-security

https://www.sans.org/reading-room/whitepapers/hipaa/hipaa-compliant-configuration-guidelines-information-security-medical-center-environment-891

Tags: Security, Healthcare