HIPAA TIP TUESDAY

Cybersecurity 101

What comes to mind when you hear the word “Cybersecurity”? We are constantly reading about how organizations need to ramp up their cybersecurity to protect data, devices and networks from unauthorized access, including by cybercriminals.

NIST defines cybersecurity as the prevention of damage to, unauthorized use of, exploitation of, and – if needed – the restoration of electronic information and communications systems, and the information they contain, in order to strengthen the confidentiality, integrity and availability of these systems.

When there is an opportunity for a healthcare organization to “strengthen” its cybersecurity posture, do it! That ranges from ensuring machines and software are up to date with patching, licensing and additional security features, to keeping all devices current (no end-of-life machines on a business network, which offer attackers an easy way in).

Best practices for protecting the organization’s data and devices:

  • Strong passwords are not optional – they are a necessity
  • Encrypt sensitive data and portable devices
  • Never leave devices unattended or unlocked
  • Back up critical data (EMR, Practice Management, billing software) both onsite and offsite
  • Practice email hygiene and always look for “Red Flags,” especially when there are attachments or links in the emails

Follow these basic steps to further protect your environment, the organization and your patients’ data.

HIPAA compliance isn’t a one-time checklist. It’s ongoing, programmatic in nature, and requires demonstrated reasonable diligence to stay in good standing with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Anatomy IT can provide you peace of mind with our expert HIPAA compliance services. To learn more, contact us here.