7 Steps for Healthcare Facilities to Strengthen Cybersecurity

As cybersecurity spending around the world continues to skyrocket, healthcare institutions should be as eager as any to strengthen cybersecurity and prevent attacks.

May 15, 2017 Rozanne Andersen

Healthcare isn’t the only industry that is worried about strengthening cybersecurity.

In 2016, cybersecurity spending around the world increased by nearly $74 billion – incredible growth in such a short timeframe. It shouldn’t be much of a surprise, though, as the average cost for each stolen record now sits at $158, and the consolidated cost of a data breach has risen to $4 million. After you factor in the damage to a business’s reputation, it’s reasonable to assume these numbers grow even larger in the wake of a breach.

Over time, we’ve learned quite a bit about how breaches occur: 56 percent result from phishing attacks, with 30 percent of users opening phishing emails, and 12 percent clicking on the links contained within. These days, nearly every computer uses numerous software applications that require regular updates to protect against attacks. Technology moves at light speed, and so do those intent on stealing consumer data.

With this in mind, how should receivables professionals and healthcare facilities attempt to minimize risk and maximize cybersecurity protection?

  1. Keep an eye on your vendors – Regulatory organizations, including the CFPB, have made it clear healthcare facilities are responsible for overseeing service providers’ cybersecurity practices. That means conducting appropriate oversight for every firm, since their practice can impact the security of your own data. Send a security questionnaire or schedule an on-site visit. Too much to bear? Hire an outsourcer.
  2. Ensure appropriate access control – Healthcare facilities must provide employees with only the data they need to perform their jobs. Train your team, including C-level executives, on why these restrictions enhance cybersecurity. Specifically, access beyond what’s necessary often exacerbates ransomware attacks.
  3. Bake your compliance and cybersecurity programs into everyday business – Keeping consumer information safe shouldn’t be a bolted-on summary process for healthcare facilities. It needs to be considered with the most granular of activities. Consider cybersecurity and compliance when making shifts in technology or operations, and create authoritative IT policies followed daily.
  4. Get a handle on collection notices and letters – Know your validation notices and timelines for the first 30 days: Send a letter upon contact, validate by phone, get settlement letters in line and brush up on the ECOA.
  5. Know your electronic payment requirements – There are many types of electronic payments, and each has different requirements for authorization and authentication. Are you aware of your options to appropriately document authorization and payment arrangements? Healthcare facilities’ letters, recurring payment arrangements, the FDCPA, EFTA and Reg E all come to bear here.
  6. Brush up on consumer consent and revocation – Your payment arrangements, the TCPA and the FDCPA all matter when it comes to spousal communications, age of majority, doctrine of necessities, and the time, place or manner of calls you make. Document, document, document!
  7. Validate your data security – You might have the best people, the best process and exhaustive documentation of it all, but technology moves at light speed, and so do identity thieves. You won’t truly know if you’re secure if you don’t test your system with an independent audit.

If you’re an organizational leader in a healthcare facility, there’s a final, crucial addition to the list: get involved! It’s essential to ask yourself what YOU are doing to make sure your company’s data stays secure and out of the news. Most established healthcare facilities and firms have a formal compliance program, but many have yet to consider standards like PCI, HIPAA and the GLBA Safeguards Rule.

You might trust that your technical and operations staff are staying compliant, but how sure are you? That’s an important question to ask in a time when cybersecurity matters more than ever. Make sure you’re confident in the answer.

Rozanne Andersen, J.D., serves as Ontario Systems’ Vice President and Chief Compliance Officer. She is responsible for leading Ontario Systems’ corporate efforts and response to the CFPB’s launch of compliance examinations in the ARM industry. Rozanne is a recognized thought leader in the area of compliance. Her advocacy work on behalf of the credit and collection industry has resulted in landmark legislation and regulation at both the state level and at the federal level with regard to the FDCPA, FCRA and HIPAA.
