Live Webinar | Technology
Healthcare cybersecurity should be one of the top risks on every healthcare professional mind including yours. We will discuss the seriousness of the healthcare cybersecurity landscape including top risks and patient safety impact, recent a...
Save
On Demand Webinar | Overview | Technology
Healthcare cybersecurity should be one of the top risks on every healthcare professional mind including yours. We will discuss the seriousness of the healthcare cybersecurity landscape including top risks, patient safety recent and near-ter...
Save
On Demand Webinar | Basic | Technology
In this joint presentation from Humana and their subsidiary, Transcend Insights, attendees will gain insight into how a major health plan currently receives/delivers healthcare data in a (lacking interoperability) environment and what devel...
Save
Article | Technology

How healthcare organizations can prepare employees to securely work from home and avoid cyberattacks during the coronavirus crisis

Article | Technology

How healthcare organizations can prepare employees to securely work from home and avoid cyberattacks during the coronavirus crisis

Healthcare organizations that sent employees home to avoid the coronavirus are now at higher risk for viruses of another sort — those that come after cyberattacks. As companies across the United States scrambled to set up their employees for remote work, many inevitably found they were not prepared, according to one expert. 

“Every business in every possible industry is having this same problem,” said Darren Guccione, CEO and cofounder of Keeper Security. “Traditionally, what you see is, when companies go remote, they haven’t planned accordingly.” 

He recommended several steps leaders can take to ensure productivity stays high, and employee and patient information is secure.

Addressing hardware and software needs

Leaders should make sure employees are provided with the hardware and equipment they need, like dual monitors, laptop, check-scanning device and printer. “You have to build up an inventory of what you need for each person,” he said.

Leaders also should make sure employees have the software they need and can get secure access while working remotely. There should be endpoint security on every machine and password security information running constantly, Guccione said. “When you’re remote, you’re going to have a greater number of usernames and passwords,” he said. Systems that help teams stay in touch such as Slack, Zoom or Microsoft Teams can be useful, as well.

Mitigating risk for cyberattacks

A mass exodus from the office to remote workspaces is an appealing scenario for cyber criminals, Guccione said. “IT departments are going to be stressed. This is when cyber criminals are always on the attack.”

With so many people working from home, remote workers will be using the same logins on multiple systems, so if one person’s system gets breached, the whole organization is at risk.  “Once they breach your computer and it’s connected to a network, they can get access to a greater amount of information,” he said.

Guccione recommended IT departments take the following actions to mitigate the risk of cyberattacks:

  • Determine which people on which devices have access to which systems at which times of day, and review audit logs to ensure employees are accessing only what they should.

  • Scan inbound emails for threats and unknown file types. Educate staff about how to look for the warning signs for spam, and what to do if they receive it.

  • Make sure security systems are working properly and remote files are backed up. Patient records should be protected and encrypted so all files are always secure.

  • If any systems in the organization are hit with ransomware, do not pay the ransom.  “Quite frequently, cyber criminals are evil, and even if you pay them, they won’t release the computer,” Guccione said. Secure backups will ensure no information is lost.

About the Author

Erika Grotto, CHFP, CRCR,

is a senior editor, HFMA, Westchester, Ill.

Advertisements

Related Articles | Technology

How To | Financial Sustainability

Financial Sustainability Report: March 2020

The March issue of the Financial Sustainability Report provides insights and guidance for healthcare finance leaders ranging from accessing untapped opportunities for cost savings to using risk stratification to improve the organization’s position in negotiating risk contracts.

News | Transparency

Information-sharing rule creates new hospital, health plan transparency requirements

Hospitals and health plans will face new patient data transparency requirements in as soon as six months under two new final rules from the federal government.

Trend | Risk Management

Advice from a hacker: How to safeguard medical devices from cyberattacks

The vulnerability of many medical devices to cyberattacks presents a serious safety concern for hospitals and health systems.

How To | Financial Sustainability

Financial Sustainability Report: February 2020

The February 2020 issue of the Financial Sustainability Report features articles on creating care pathways to eliminate unnecessary variations in care and on creating a dashboard to reduce spend on high-cost medications.