Watch Your Cybersecurity Blind Spots!
Healthcare organizations can protect patient data and reduce the risk of a cyberattack by being mindful of common blind spots.
Reliance on HIPAA Data Standards
Standards for data security are the backbone of healthcare cybersecurity, with HIPAA being the most ubiquitous framework. Although HIPAA borrows from the robust set of NIST standards, it does not match up favorably with more intensive data frameworks, so healthcare systems that rely exclusively on HIPAA are still at risk of attack. These standards remain a solid starting point, but organizations should look further if data security is their goal.
Nation-State Threat Actors
Recent world conflicts have escalated the risk of attacks, with the Russia-linked REvil ransomware being a notable example. While individuals equipped with ransomware may pose a moderate threat to hospital systems, nation-state hackers with unlimited resources pose a formidable threat to even the most secure health organizations. In addition, these nation-state actors have proven to be highly interested in data about the U.S. population collected in hospitals.
Attacks on Trusted Software
With this escalated risk following current world conflicts, many seemingly secure companies have suffered attacks, putting partners at risk. For example, the SolarWinds and Microsoft Exchange attacks sent shockwaves through multiple industries, including healthcare. As a result, healthcare organizations and providers looking to protect themselves need to regularly evaluate the security of their systems and their vendors' systems.
Work from Home
COVID-19 created a cybersecurity blind spot for many providers in the form of "work-from-home." Even if IT locks down all data on hospital computers, employees working with sensitive PHI from home, without the same safeguards as company equipment, expose the information to risk. Additionally, home users may not be as alert to potential malware and may click on suspicious links sent to their private accounts. If a bad actor gets access to their home PC, they potentially gain access to work information.
Covering IT Blind Spots
Fortunately, many trusted institutions like NIST and AICPA (American Institute of CPAs) maintain stringent guidelines and standards for companies to lock down their data. By being aware of these blind spots and taking steps to mitigate them, providers can protect their patients and livelihoods.