As a healthcare provider, you know how important it is to keep data safe. Obviously, the government holds you accountable for this, but perhaps more importantly, your patients count on you to protect their personal privacy. Unfortunately, cyber security in healthcare has become more complex than it has ever been before. So, in light of the recent uptick in cyber attacks, perhaps it’s time to review your healthcare cyber security practices and address any vulnerabilities that you may find in the process. Here’s what you should know:

 

You need to have multi-factor authentication processes in place.

In a world that struggles to control the use and distribution of many prescription medications, it makes sense that federal regulations call for you to use more than a simple username and password combo to log in and prescribe medications. In fact, these systems are necessary anytime your patients’ personal privacy comes into question, as well.

 

Your antivirus software must be up-to-date (and stay that way).

The technology that is used by cyber attackers today is truly incredible; viruses can do things that you may not have even imagined. Proper healthcare cyber security requires you to keep these things updated on your main servers and every machine in your practice.

 

Your practice should be using role-based permissions.

Your front desk admin staff should not have the same access to patient information that your physicians have. They simply have no need for it, and it’s a question of your patients’ personal privacy. An experienced IT firm will be able to give your doctors the permission they need while restricting the access of other support personnel in your office.

 

You should be backing up sensitive data regularly.

Your patients depend on you to keep their medical history safe; they’ll need that for their continued care well into the future. Your practice will also need that information, should you ever be audited for compliance by any of the agencies that regulate your medical or administrative practices. You need to have a routine in place for creating a remote backup copy of your data, and that remote copy should be handled with the same level of security that you handle all other data.

 

You should use extra discretion where mobile devices are concerned.

It’s all-too-easy for someone to simply pick up your tablet and walk away. So, these devices should employ an even higher level of security that you would typically find in a desktop computer. Devices that do not allow for data encryption should not be used, and a multi-factor authentication process should be implemented before any data is ever loaded to the device. Moreover, because these devices are more susceptible to damage or electromagnetic interference, data should be remotely and securely backed up very often during use.

If you are concerned about cyber security in your practice or if it has been a while since you’ve examined your healthcare security practices, now is the time to give us a call. Don’t wait until you have a data crisis on your hands. Our team is experienced in healthcare security, and we will help you keep your business and your patients safe from cyber attacks. Give us a call today at 773.631.6851 to schedule a consultation.