What Healthcare Can Do About Phishing

What Healthcare Can Do About Phishing

Healthcare Tech Outlook | Friday, April 19, 2019

As healthcare is heavily reliant on technology these days, the sector incurs more financial losses from data breaches than any other industry. At this point, health IT security experts might have a battle on their hands. The increasing adoption of electronic health records and the widespread use of mobile devices among providers have increased the endpoint security threat and a move toward more vulnerability ahead. Among the cyber attacks, phishing is one of the most popular ways attackers use to access secures data. Since many ransomware has been created to target healthcare facilities, the hospitals have explicitly become exposed to phishing schemes. But it is relatively easy to reduce risks in phishing.

How to Protect Healthcare Data from Phishing

The healthy way to protect healthcare data from phishing is to prevent employees from being able to visit the unsafe website because there are so many entrances through which employees can receive instructions to visit a dangerous website. To combat phishing, healthcare organizations should train employees on how to identify and avoid phishing emails. Organizations also need to adopt security best practices and deploy appropriate technology to lessen the chances that a phishing attack will succeed. 

Many companies and websites are already using multifactor authentication as a security measure, and it can do good for health organizations. Once a user provides their username and password, they have to enter an additional code sent to another device like a mobile phone before they can log in. This process can boost the security of the EHR system and prevent unauthorized access.

Discussing with the IT department or EHR vendors about security steps an organization can take can bring changes. Organizations can even ask them for advice to train employees. Creating awareness among employees about security is vital as there may be some pushback from individual staff members who may not be willing to take any extra effort for ensuring safety. This extra effort on security can provide savings in time and money in the long run. Some of these security strategies can be expensive, but data breach is much more costly to deal with.  Weighing a company’s options accordingly and setting aside a budget that best fits the needs is crucial.

Weekly Brief