Live Webinar | Coronavirus
Relying on aggressive financial policies and collection tactics won't help your organization adapt to the "patient as payer" model, especially after the pandemic. Instead, you need a strategy that helps patients easily navigate the financia...
Save
Live Webinar | Coronavirus
On April 30, CMS distributed a second interim final rule with updates which can help healthcare providers respond to the public health threats as a result of the COVID-19 crisis. Experts from BKD, LLP will review the Interim Final Rule (IFR...
Save
On Demand Webinar | Overview | Coronavirus
As states loosen and lift their "shelter in place" orders and restrictions on hospital elective procedures, hospital volumes will begin to return. The question is: What will the recovery look like? Ensemble Partners and SSI Group have joine...
Save
On Demand Webinar | Intermediate | Coronavirus
<div>The quick onset of COVID-19 forced the majority of health care organizations to change their business models in a significantly accelerated manner to ensure the continuity of their operations.&nbsp; This has introduced unanticipated ri...
Save
On Demand Webinar | Overview | Coronavirus
Providers are facing challenges due to COIVID-19 and are in an unexpected position of dealing with a global health crisis while managing the financial impact on their organizations. During this session, EY practice leaders will share some o...
Save
Article | Coronavirus

How healthcare organizations can prepare employees to securely work from home and avoid cyberattacks during the coronavirus crisis

Article | Coronavirus

How healthcare organizations can prepare employees to securely work from home and avoid cyberattacks during the coronavirus crisis

Healthcare organizations that sent employees home to avoid the coronavirus are now at higher risk for viruses of another sort — those that come after cyberattacks. As companies across the United States scrambled to set up their employees for remote work, many inevitably found they were not prepared, according to one expert. 

“Every business in every possible industry is having this same problem,” said Darren Guccione, CEO and cofounder of Keeper Security. “Traditionally, what you see is, when companies go remote, they haven’t planned accordingly.” 

He recommended several steps leaders can take to ensure productivity stays high, and employee and patient information is secure.

Addressing hardware and software needs

Leaders should make sure employees are provided with the hardware and equipment they need, like dual monitors, laptop, check-scanning device and printer. “You have to build up an inventory of what you need for each person,” he said.

Leaders also should make sure employees have the software they need and can get secure access while working remotely. There should be endpoint security on every machine and password security information running constantly, Guccione said. “When you’re remote, you’re going to have a greater number of usernames and passwords,” he said. Systems that help teams stay in touch such as Slack, Zoom or Microsoft Teams can be useful, as well.

Mitigating risk for cyberattacks

A mass exodus from the office to remote workspaces is an appealing scenario for cyber criminals, Guccione said. “IT departments are going to be stressed. This is when cyber criminals are always on the attack.”

With so many people working from home, remote workers will be using the same logins on multiple systems, so if one person’s system gets breached, the whole organization is at risk.  “Once they breach your computer and it’s connected to a network, they can get access to a greater amount of information,” he said.

Guccione recommended IT departments take the following actions to mitigate the risk of cyberattacks:

  • Determine which people on which devices have access to which systems at which times of day, and review audit logs to ensure employees are accessing only what they should.

  • Scan inbound emails for threats and unknown file types. Educate staff about how to look for the warning signs for spam, and what to do if they receive it.

  • Make sure security systems are working properly and remote files are backed up. Patient records should be protected and encrypted so all files are always secure.

  • If any systems in the organization are hit with ransomware, do not pay the ransom.  “Quite frequently, cyber criminals are evil, and even if you pay them, they won’t release the computer,” Guccione said. Secure backups will ensure no information is lost.

About the Author

Erika Grotto, CHFP, CRCR,

is a senior editor, HFMA, Westchester, Ill.

Advertisements

Related Articles | Coronavirus

Blog | Coronavirus

ACHP survey: Many consumers are not comfortable going to the hospital during COVID-19

The ACHP survey on consumer behavior during COVID-19 provides insight into the challenges organizations will face as they attempt to engage healthcare consumers in non-emergent services.

News | Coronavirus

Medicare considering making telehealth expansion permanent, Verma says

Medicare is considering making permanent some of the temporary telehealth waivers it has issued during the pandemic.

News | Coronavirus

HFMA recommended coronavirus resources

The coronavirus is affecting the healthcare industry in unprecedented ways, and HFMA wants to help you stay up to date on the latest news about the outbreak. Come back to this page regularly for coronavirus resources, selected specifically for healthcare finance professionals, including Medicare information on regulations and guidelines, COVID-19 test pricing, COVID-19 coding, telehealth billing FAQs and more.

News | Coronavirus

CMS's latest guidance for healthcare organizations on the new coronavirus

The HFMA editorial team will continuously post the latest announcements from the Centers for Medicare & Medicaid Services (CMS) related to the COVID-19 outbreak.