Cybersecurity risks are on the rise across all industry, but for the healthcare sector, it isn’t something to take lightly. In 2018, more than 11.5 million patient records were breached leaving providers, patients, and their information vulnerable. To reduce these occurrences, healthcare organizations must work together to share threat information, build cyber strategies, and protect patient data. Read on to learn more.
According to Bitglass, a cybersecurity firm, the number of healthcare breaches last year dropped but, the number of records breached more than doubled to around 11.5 million. Organizations not only face loss of revenue, ransom cost, and damaged image, the HIPAA fines that accompany breached records can be hefty.
This is top of mind for many organizations. Cybersecurity, privacy, and security were the number one concern in a recent HIMSS survey. “To mitigate the increasing risk, healthcare organizations must begin to limit access and connection based on need rather than convenience, implement comprehensive layered security controls, and institute air gaps, jump boxes, and network segmentation wherever possible,” according to the Bitglass report.
Read more here.
ITSM for Healthcare Organizations
A recent study from MIT’s Sloan School of Management found that hospitals experience up to 70 percent of all ransomware attacks. In a recent interview with Chris Cullen of Perspectium, we explored how healthcare providers can be proactive with their data approach and what main vulnerabilities to keep in mind.
“Traditionally in hospitals, IT security and patient privacy are two separate departments or two separate areas, and they don’t really talk to each other much,” Cullen said. “Right now, in most cases, IT is siloed from the security team, and the security team is siloed from the privacy and compliance team. They don’t always talk to each other.”
Read more here.
Senator Mark Warner, D-Va., requested input from industry groups on how to strengthen healthcare cybersecurity. The request, sent to four federal agencies and 12 healthcare organizations, contained a list of questions that could help create a strategy to improve healthcare security in the short and long-term for practices of all sizes.
“We recommended that government can help by encouraging the adoption of cybersecurity best practices,” said Warner’s spokeswoman. “That includes multifactor authentication, full disk encryption, least privilege access, network segmentation, regular patching, employee education and awareness, information sharing and the use of DMARC – the Domain-based Message Authentication, Reporting & Conformance standard.”
Read more here.
To stay up to date on the healthcare cybersecurity landscape, subscribe today.