Cybersecurity is a bid deal. Ransomware and malware attacks are daily and data thefts are the great train robberies of the 21st century. Factor in the fact that personal healthcare information is nearly 40-times more valuable than straight up credit card info, or social security numbers and you see why hospitals and medical practices are especially vulnerable. According to the American Medical Association “4 out of 5 health care providers and payer executives say their health IT systems have been compromised by cyberattacks.”
Ready to play defense? Good! A caveat: this information doesn’t guarantee legal compliance with HIPPA by a long shot.
Analyze your risk
While the Health Information Portability and Accountability Act of 1996 (HIPAA) security rule and the Electronic Health Record (EHR) Meaningful Use/Advancing Care Information program both require physicians to conduct a security risk analysis, good health IT system hygiene goes beyond compliance with government regulation. Moreover, using certified EHR technology means that your EHR has certain security capabilities, but is not a guarantee of either legal compliance or robust protection.
Cell phones, tablets, and laptops
Encrypt and password-protect all mobile devices. Note, over 5 million smartphones are stolen every year.
Update often to foil malicious software
Protect your computer and software against malware by ensuring that your software, computer, and server operating systems updated regularly. Don’t ignore the update messages. They almost always contain security patches. Handle it yourself, or find a friendly IT expert. And while you’re at it, have them Install and update your anti-virus software.
WiFi Security
You need two Wi-Fi networks: one for your practice and another for your patients (Use different passwords for each.
Password Hygiene
Tip No. 1. Don’t use the name of your Scottish terrier. Hacker software can break simple passwords in less than 90 minutes. Create a schedule for updating passwords, and insist that your staff uses strong passwords. A strong password is not a word or phrase, e.g. Vikings2017, it’s a soup of upper and lowercase letters, numbers, and symbols that’s at least 8 characters long. For example: !bR549$O
To save time, use one of the many password generators on the Internet.
Resources
Strong Random Password Generator
Random.org – Password Generator
Norton Identity: Safe Password Generator
The American Medical Associations Guidelines for Cybersecurity