Week 1 of National Cybersecurity Month
By Gil Vidals, , HIPAA Blog

If You Connect It, Protect It

October is National Cybersecurity Month, and ‘If you connect it, protect it’ is the theme for week #1. (With over 90% of the US population now on the internet, the theme easily might have been ‘When you connect it, protect it’).

It’s an apt reminder, as cybercriminals are capitalizing on the continuing explosion of data and connected devices: studies indicate that in 2016 organizations experienced a ransomware attack on the average of every 14 seconds; by 2021, it is estimated that frequency will be down to every 11 seconds. 

For healthcare, an emphasis on preventive care and greater personal monitoring will require added vigilance. “Wearables,” remote monitoring, smartphone apps, and telehealth are all connected technologies changing the way care is delivered right now – and all of these need IT protections. 

What will this mean going forward? A recent analysis promoting this digital transformation in healthcare concludes, 

Healthcare organizations will need a robust yet scalable security and storage ecosystem that is regularly backed up, available, and fully compliant. As patients demand more access to their data and providers capitalize on the cost and care benefits that result from this access, it will be up to IT to ensure that the right data is placed in the right hands at the right time, in any environment… 

Patients must feel confident that their personal genomes and other health records are not available for the world to see. Open standards and APIs must be secure, well documented and publicized…The digitalization of healthcare could be as life-changing as anesthesia or the smallpox vaccine. 

As the desired digital transformation continues in healthcare, so do the risks.  Not only are malicious actors a constant threat, but marketers and other “digital opportunists” also want a slice of the pie – even if it isn’t theirs to have.

So how can we – as individuals, IT developers, and healthcare providers – do our part to ensure data security and privacy right now

Here’s the week 1 recommendations from CISA, the Cybersecurity and Infrastructure Security Agency, for practicing good cyber hygiene:

1. Update all your security solutions, whitelist apps, limit your privileges (who has access), and use multifactor authentication for your sign-ons. (This last one helps to avoid a single-point of failure; if your password falls into the wrong hands, criminals will still need a secondary passcode to get to your data).

2. Segment your networks; make it hard for the bad guy to move around and infect multiple systems. Not only can the use of sub-networks increase security, it can also boost performance.

3. Develop containment strategies; if bad guys get in, make it hard for them to get stuff out. 

4. Know your system’s baseline for recovery; insist on regular backups. Regular backups are a requirement by HIPAA to maintain data availability, critical for continuing care.  

5. Review disaster recovery procedures and validate goals with executives.

When a malicious cyber attack can interrupt a healthcare system’s vital services and even threaten a patient’s health and well-being, cybersecurity must become an essential part of patient care. A cloud solutions provider like HIPAA Vault can help relieve the burden of managing the above concerns for you, so you can concentrate on what you do best – providing essential services. We’ll keep your data secure and services from going offline, with regular security updates and controls, data loss prevention solutions, regular backups, and more. 

Want to talk to a proven healthcare MSSP? Give us a call at: 760-290-3460, or look us up at www.hipaavault.com. 

HIPAA Vault is the leading provider of HIPAA compliant solutions, enabling healthcare providers, business organizations, and government agencies to secure their protected health information from data breaches, threats, and security vulnerabilities. Customers trust HIPAA Vault to mitigate risk, actively monitor and protect their infrastructure, and ensure that systems stay online at all times. In addition to providing secure infrastructure and compliance for health companies, HIPAA Vault provides a full array of HIPAA solutions, including secure email, HIPAA compliant WordPress, and secure file sharing, and more.