Don't Overlook How Critical Patient Privacy Is

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.healthcareglobal.com/tech/1893/Dont-Overlook-How-Critical-Patient-Privacy-Is

Although your hospital makes the health of its patients a top priority,
online privacy issues could harm your patients in other ways.

> From medical records hacking to online security issues, there are a number
of ways your patients' security can become compromised.

Here are just a few ways to protect your patients and your hospital from
security threats.

Hacking Threats for Hospitals

If you're hospital is taking a lax approach to its online security
measures, there's never been a better time than now to increase security
measures. There are a growing number of cyber criminals targeting
hospitals, more specifically, patient records.

Hackers aren't in it for the medical records, but they do want the personal
patient information that goes along with those records.

When Community Health Systems was hacked in 2014, hackers stole addresses,
phone numbers, and social security numbers from patients in over 200
hospitals in 29 states across the U.S.

Cybercrime is quickly becoming a problem in the U.S. health care system.

As the following article looks at, there are ways you can better protect
your hospital's digital records while also easing patient apprehension
about privacy issues.

Stay Up to Date with HIPPA

The Health Insurance Portability and Accountability Act (HIPPA)
continuously updates its security rules and regulations. These rules aren't
in place to disrupt your hospital's digital livelihood, but rather
strengthen its security measures.

HIPPA has compliance standards that it encourages every hospital in the
United States to follow. By keeping your staff trained on the latest HIPPA
compliances, you can ensure all necessary data security measures are being
taken.

Install the Latest Antiviral Software

This probably goes without saying, but it's surprising how many hospitals
and clinics across the country neglect their security software. Downloading
antiviral and anti-malware software is one thing, but keeping it updated is
something else entirely.

Hackers come up with new ways to breach even the most updated security
programs available. By continuously updating your security software with
the most recent downloads available, your hospital can fend off attacks and
keep hackers at bay.

Stop Using Unsupported Operating Systems

Operating systems change all the time, especially in the medical world. The
problem with this scenario is, once an operating system is replaced with a
new edition, the support for the old system usually falls by the wayside.

This includes active security updates.

If your hospital is using an out-of-date operating system, it's time to
upgrade to the most recent edition. Doing so will provide you with the most
current safety features the operating system provides.

Avoid Using Social Security Numbers for Identity Purposes

If your hospital uses its patients' social security numbers as a primary
form of identification, it's time to stop. Social security numbers are the
top prize for hackers and they will stop at nothing to gain access to them.

Using other identification codes for patient records like unique 5 to 10
digit numbers or a combination of the patient's first and last name will
attract less attention from the hacking world.

If the social security number is a necessity, try getting by with the last
4 digits. Stolen social security numbers will cause major issues for your
hospital and its patients.

When it comes to keeping your patients safe, don't overlook the security
measures above.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!