Cybersecurity may not be high on your priority list. Perhaps you think it’s not a real concern or maybe you think you’ve got it covered. But before you put this issue on the back burner, consider these questions:
- What would it cost your company to lose access to data, EHRs, or other technology applications?
- Do you know your organization’s top cybersecurity risks? Do you have a plan to address them?
- What are your cybersecurity policies and procedures? When were they last updated? When was staff last educated/informed about these? What is your process for training new staff about cybersecurity?
- Do you have a disaster recovery data center?
The top causes of data breaches, according to the Healthcare Information and Management Systems Society, are phishing attacks (57%), credential harvesting (2%), malware/ransomware (20%), and social engineering attacks. To prevent breaches and attacks, focus on 5 key areas: protected health information, legacy systems, policies for data security, planning for disasters that bring systems down, and network security.
Taking a few steps can help prevents headaches, inconvenience, delays, and even disasters:
- Provide regular, consistent, and updated cybersecurity training/education for staff. Conduct tests (but make these instructive and not punitive in nature).
- Implement automated back-ups of critical systems.
- Have encryption systems for emails/data.
- Implement alerts for large or suspicious file or monetary transfers.
