Many healthcare organizations have automated systems in place that actively scan their networks for suspicious activity and some even have their own Security Operation Centers (SOC) for the same purpose. Unfortunately, the healthcare industry still faces cybersecurity challenges including:

Ransomware: To pay or not to pay, that is the question. And are there any guarantees that if you pay the ransom, you will get your data back? What also needs to be addressed are the ramifications to the organization – cost, interruption to the business, and reputation.

Greater Investment: In order to secure the organization’s data - Protected Health Information (PHI) - there are financial investments that must be made, such as antivirus, ransomware/malware detection, vulnerability scans on firewalls and networks, email and portable device encryption, to name a few.

Connected Devices: Healthcare professionals are increasingly adopting the Internet of Things (IoT) and as a result have many more connected devices that need to be monitored and secured. Outdated operating systems that are no longer supported with security measures leave an organization wide open to attacks.

Backup and Data Recovery: Always have critical data backed up, onsite and offsite. In the event of a cybersecurity attack, having a “second” set of backups gives the organization the ability to quickly move to restoring operations. Healthcare organizations need to ensure their backups and data recovery plans are a critical part of operations.

Security and compliance are first and foremost in the management of our clients' systems. After conducting thousands of SRAs, common vulnerabilities began to emerge. We launched HIPAA Tip Tuesday to make clients aware of what actions they can take to address these vulnerabilities.

Have a great week!