Cyber security image

5 strategies to boost your healthcare cyber security

by ​Ashish Patel
To say that healthcare has recently gone through some tough times in relation to data breaches would be an understatement.

According to IBM’s 2016 Cyber Security Intelligence Index1, in the past year, healthcare experienced more cyber attacks and data breaches than any other industry. And it’s easy to understand why.

Healthcare data is rich in personal information and therefore valuable to identity thieves, giving access to credit card information, email addresses, Social Security numbers, employment data and health history. The average number of healthcare cyber attacks rose to 3.4 per week for IBM clients participating in the survey.

Healthcare systems are becoming increasingly interconnected, which leads to additional opportunities to obtain valuable information.

Moreover, it’s not just large healthcare organizations that are falling victim; even small-to medium-sized organizations and their patients are experiencing at least one cyber attack each month, according to the Ponemon Institute’s State of Cybersecurity in Healthcare Organization’s 2016 report.2

But, it’s important to recognize that your healthcare organization, regardless of its size, doesn’t have to be one of them. Implementing proactive strategies like the following can help protect your organization against attacks:

1. Understand and monitor data access points: It’s important to have a solid grasp on where data is entering and exiting your systems to identify lapses in data and device security. This includes examining each data touch point, such as employee and third-party access to your systems.

2. Lock down workstations, printers and multifunction printers (MFPs) to help prevent unauthorized access: Healthcare systems are becoming increasingly interconnected, which leads to additional opportunities to obtain valuable information. Make sure security tools are implemented and being used with each device.
3. Conduct comprehensive annual risk assessments at least once a year: The way cybersecurity attacks are executed is constantly changing and adapting. As a result, you should continually review and update your cyber security protocols and response plans. Implementing a risk assessment in your organization can make a significant impact in the long-run.

4. Educate end users on cyber security in addition to HIPAA requirements: Did you know that only 25 percent of IT professionals across all industry segments are confident in employee cybersecurity awareness?3 Give your team the information and tools they need to help protect healthcare information and adhere to the latest rules and regulations.

Arm your healthcare organization against cyber attacks

Cybersecurity attacks are on the rise. Educate yourself about healthcare security strategies with this complementary trend report.
5. Review how business systems and processes support security: Take time to thoroughly review all aspects of data collection, storage and use to improve and support tighter security measures across your organization — from business operations to output management and interoperability.
Author Icon
Ashish Patel, Principal Consultant, Enterprise Consulting Services for Ricoh USA, Inc., optimizes business critical services and programs for global customers, with a focus on business process agility, governance, risk and compliance. Patel’s experience includes management and technology consulting, strategic planning, business development, and full life cycle management of large business process and technology transformation projects across a range of industries. Patel holds a Master of Science in Electrical Engineering from UCLA, as well as a Master of Science in Information Engineering and Management from Southern Methodist University.
1 "2016 Cyber Security Intelligence Index." IBM.
2 "The State of Cybersecurity in Healthcare Organization’s in 2016." Ponemon Institute.
3 Matt Smith. "Only a quarter of IT professionals confident in employee cyber security awareness." Business Reporter. March 21, 2016.