Most hospitals have come to embrace technology in storing patients information, case files and other sensitive and private information but as it is today, Cybersecurity is now a top safety issue for many hospitals. Security experts recommend healthcare organizations review their practices and procedures every year, so there’s no better time to check in on your facility’s cybersecurity.
The American Health Information Management Associate (AHIMA) released guidelines to help hospitals prevent cyber attacks. Those guidelines include:
- patching vulnerable systems and updating software
- encrypting workstations, laptops, smartphones and tablets, and
- strengthening password requirements.
AHIMA also recommends purging records and other information that’s older than what state and federal laws require to cut down on security risks from old software and decrease the amount of info that can be accessed if someone does succeed in hacking into your system.
4 cybersecurity keys
hospitals can take to protect themselves, including:
- Be sure to buy antivirus tools from a legitimate source. Some viruses pop up on computer screens claiming to be antivirus protection, so it’s important to only purchase protection from sources you know. If you’ve never heard of the brand, it’s best not to buy it.
- Limit access to data. When employees leave, make sure passwords are changed and access is removed, and don’t allow system administrators to share login info. The fewer people have access, the easier it is to stop a breach before it happens – or control one if it does. Your organization can also implement time-of-day restrictions. For example, if an employee only works day shifts and doesn’t have remote access privileges, shutting down his or her ID at night limits the chance it can be used by a hacker.
- Back up data. Make sure data backups are stored in an offsite location, so if hackers try to take over your system, your organization doesn’t lose access to the info it needs.
- Train employees on the risks. fake websites phishing emails and other scams are prevalent these days, so make sure employees know what to look for and how to spot a scam. If possible, add a security question to payroll or electronic health record systems. That way, staff won’t be tricked into entering personal info onto a fake site.
As hackers and cybersecurity thieves become more sophisticated, so should you. Because hospitals have access to significant amounts of personal, private info, maintaining and boosting cybersecurity procedures must be a priority in the new year.