Healthcare News & Insights

New year, same threats: Keep your hospital safe from cybersecurity attacks

Healthcare organizations have been experiencing increased threats to their cybersecurity lately, due to the amount of private info they usually have on file. In particular, system attacks caused by ransomware are on the rise, and there’s no better time than the start of a new year to review your hospital’s security measures. 

Cybersecurity has been a top safety issue for many hospitals, and it looks to remain that way in 2018.

Security experts recommend healthcare organizations review their practices and procedures every year, so there’s no better time to check in on your facility’s cybersecurity.

Last month, the American Health Information Management Association (AHIMA) released guidelines to help hospitals prevent cyberattacks. Those guidelines include:

  • patching vulnerable systems and updating software
  • encrypting work stations, laptops, smartphones and tablets, and
  • strengthening password requirements.

AHIMA also recommends purging records and other information that’s older than what state and federal laws require to cut down on security risks from old software and decrease the amount of info that can be accessed if someone does succeed in hacking into your system.

4 cybersecurity keys

Beyond these guidelines, Healthcare IT News offers additional steps hospitals can take to protect themselves, including:

  1. Be sure to buy antivirus tools from a legitimate source. Some viruses pop up on computer screens claiming to be antivirus protection, so it’s important to only purchase protection from sources you know. If you’ve never heard of the brand, it’s best not to buy it.
  2. Limit access to data. When employees leave, make sure passwords are changed and access is removed, and don’t allow system administrators to share login info. The fewer people have access, the easier it is to stop a breach before it happens – or control one if it does. Your organization can also implement time-of-day restrictions. For example, if an employee only works day shifts and doesn’t have remote access privileges, shutting down his or her ID at night limits the chance it can be used by a hacker.
  3. Back up data. Make sure data backups are stored in an offsite location, so if hackers try to take over your system, your organization doesn’t lose access to the info it needs.
  4. Train employees on the risks. Fake websites, phishing emails and other scams are prevalent these days, so make sure employees know what to look for and how to spot a scam. If possible, add a security question to payroll or electronic health record systems. That way, staff won’t be tricked into entering personal info onto a fake site.

As hackers and cybersecurity thieves become more sophisticated, so should you. Because hospitals have access to significant amounts of personal, private info, maintaining and boosting cybersecurity procedures must be a priority in the new year.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.