INTRO
For the last 4-5 years we have been educating our clients about the importance and details of proper security in your healthcare IT environment. We have been “preaching” the message of diligence and attention to detail as it relates to HIPAA and HITECH. However, the Healthcare media industry has really started to shine a light on the realities of security risk in our healthcare IT environments. This is no longer a HIPAA compliance project where we check a few boxes, update a policy book, do some DVD based training and expect that we have covered ourselves for the next audit. These risks are real and they can be extremely damaging to an organization if
not kept in check.
It’s time the industry stops hiding behind this “I’m too small, too rural, too remote for anyone to care” notion. Many small hospitals and practices might think they aren’t a target. So, let’s just be clear about something. It is not a matter of if, it is a matter of when you will have your next data breach. We say next because it is very likely you have already had one and just didn’t know it.
A health record is worth 10 times that of a credit card record on the black market today and just because you don’t have 100 million records on your system doesn’t stop the hackers from adding your 10,000 records to the other bank of records they are accumulating.
There are some practical actions and technologies that should be deployed in your organization today to protect yourselves from a breach. That’s why we’ve put together the following ‘Ten Security Risk Mitigation Strategies’ list for you. If you are a leader in a community healthcare organization, it’s critical that your organization is investing properly in these things, so use this list as a guide to check your efforts.
1. Routine staff training
2. Encrypted media
3. Mobile Security
4. Routine risk assessments, security audits and penetration testing
5. Intrusion Detection Services
6. Strong Password / Authentication Management
7. Web / Email Content Filtering and Encryption
8. Inventory Interfaces and File Extracts
9. Proactive Patch Management Discipline
10. Current Service Contracts on all Critical Systems
For complete Whitepaper, click here
Source ICE Technologies, Inc.