Nov 20, 2023

Watch Your Cybersecurity Blind Spots!

Healthcare organizations can protect patient data and reduce the risk of a cyberattack by being mindful of common blind spots.


Reliance on HIPAA Data Standards

Standards for data security are the backbone of healthcare cybersecurity, with HIPAA being the most ubiquitous framework. Although HIPAA borrows from the robust set of NIST standards, it compares unfavorably with more intensive data frameworks, so healthcare systems that rely exclusively on HIPAA are still at risk of attack. These standards remain a solid starting point, but organizations should look further if data security is their goal.

Nation-State Threat Actors

Recent world conflicts have escalated the risk of attacks, with the Russia-linked REvil ransomware being a notable example. While individuals equipped with ransomware may pose a moderate threat to hospital systems, nation-state hackers with unlimited resources pose a formidable threat to even the most secure health organizations. In addition, these nation-state actors have proven to be highly interested in data about the U.S. population collected in hospitals.

Attacks on Trusted Software

With this escalated risk following current world conflicts, many seemingly secure companies have suffered attacks, putting their partners at risk. For example, the SolarWinds and Microsoft Exchange attacks sent shockwaves through multiple industries, including healthcare. As a result, healthcare organizations and providers looking to protect themselves need to regularly evaluate the security of their own systems and their vendors' systems.

Work from Home

COVID-19 created a cybersecurity blind spot for many providers in the form of "work-from-home." Even if IT locks down all data on hospital computers, employees who work with sensitive PHI from home, without the safeguards present on company equipment, expose that information to risk. Additionally, home users may not be as alert to potential malware and may click on suspicious links sent to their private accounts. If a bad actor gets access to an employee's home PC, they potentially gain access to work information.

Covering IT Blind Spots

Fortunately, many trusted institutions like NIST and AICPA (American Institute of CPAs) maintain stringent guidelines and standards for companies to lock down their data. By being aware of these blind spots and taking steps to mitigate them, providers can protect their patients and livelihoods.

For steps to secure your medical organization's data, click here. For a guide on cybersecurity frameworks for medical organizations, click here.

 
