Healthcare News & Insights

Protect your hospital from phishing: 5 ways to battle breaches

You don’t have to be super tech-savvy to protect your hospital from data breaches – you just have to make sure you’re armed with the latest info to prevent a phishing attack. Unfortunately, healthcare organizations are frequently victims of phishing attacks, and phishing is one of the most popular ways to access secure data. 

Phishing attacks are when a bad actor tricks someone into providing access credentials or visiting a fake website that installs malware.

Hospitals are particularly vulnerable to phishing schemes, since many ransomware programs have been created specifically to target healthcare facilities and the sensitive info contained in their systems.

Luckily, it’s relatively simple to reduce your hospital’s risk.

Save time and money

To prevent a data breach at your facility, you should follow the following five steps, as written in an article from Medical Economics:

  1. Determine which employees are most vulnerable. Sending out fake phishing emails can show you which staff members are most susceptible to downloading unknown files or visiting suspect websites. You’ll be able to target training directly to those workers and keep an eye on them. To prevent problems, you may want to limit their access to confidential data – or their access to a computer altogether.
  2. Implement multifactor authentication. Many websites and companies already use this as a security measure, and it can work for your hospital, too. How it works: Once someone enters their username and password, they have to put in an additional code sent to another device, like a smartphone, before they can log in. This can boost the security of your electronic health records (EHR) system and prevent unauthorized access.
  3. Discuss extra security. Talk with your IT department or EHR vendors about other security steps you can take, and ask them for advice on how to train employees and get them to buy in to any changes.
  4. Stress safety’s importance. There may be some pushback from staff members who don’t want to take extra steps to log in or don’t want to spend time learning a new system. But extra security can save time and money in the long run. Be sure they’re aware of its importance and why it’s necessary to implement advanced safety features.
  5. Plan your budget. Speaking of saving money: Some of these security steps can be expensive, but a data breach is much more costly and difficult to deal with. Weigh your options accordingly, and set aside a budget that best fits your hospital’s needs.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.