Technology Jul 01, 2022

Watch Your Cybersecurity Blind Spots!

Healthcare organizations can protect patient data and reduce the risk of a cyberattack by being mindful of common blind spots.

Reliance on HIPAA Data Standards

Standards for data security are the backbone of healthcare cybersecurity, with HIPAA being the most ubiquitous framework. Although HIPAA borrows from the robust set of NIST standards, it does not match up favorably with more intensive data frameworks, so healthcare systems that rely exclusively on HIPAA are still at risk of attack. These standards remain a solid starting point, but organizations should look further if data security is their goal.

Nation-State Threat Actors

Recent world conflicts have escalated the risk of attacks, with the Russia-linked REvil ransomware being a notable example. While individuals equipped with ransomware may pose a moderate threat to hospital systems, nation-state hackers with unlimited resources pose a formidable threat to even the most secure health organizations. In addition, these nation-state actors have proven to be highly interested in data about the U.S. population collected in hospitals.

Attacks on Trusted Software

With this escalated risk following current world conflicts, many seemingly secure companies have suffered attacks, putting partners at risk. For example, the SolarWinds and Microsoft Exchange attacks sent shockwaves through multiple industries, including healthcare. As a result, healthcare organizations and providers looking to protect themselves need to regularly evaluate the security of their own systems and their vendors' systems.

Work from Home

COVID-19 created a cybersecurity blind spot for many providers in the form of "work-from-home." Even if IT locks down all data on hospital computers, employees who work with sensitive PHI from home, without the safeguards that company equipment has, expose the information to risk. Additionally, home users may not be as alert to potential malware and may click on suspicious links sent to their private accounts. If a bad actor gets access to their home PC, they potentially gain access to work information.

Covering IT Blind Spots

Fortunately, many trusted institutions like NIST and AICPA (American Institute of CPAs) maintain stringent guidelines and standards for companies to lock down their data. By being aware of these blind spots and taking steps to mitigate them, providers can protect their patients and livelihoods.

