- July 21, 2020
- Posted by: Pat Riot
- Categories: CyberSecurity, Healthcare, Security Operations
Healthcare doesn’t have to care about cyber security because it is not their job. Sure, we as patients expect our data to be protected. That’s fair, especially by the organizations we entrust to save our lives. Everyone knows you give up your entire identity entering a hospital. However, we don’t know what happens to that information once its collected. We entrust healthcare employees with our lives and inadvertently expect them to be responsible for our personal data. Both of which are massive responsibilities within themselves. So, what is the healthcare industry supposed to do?
At this point in our society, all the major healthcare systems and most of the independent practices have some sort of IT team who handles everything computers. I believe it is important to reference independent practices from hospital systems because most people don’t realize how expansive the threat vulnerabilities of even a small network can be. When talking about the two in unison, it can become overwhelming to imagine the scale and complexities between the number of devices. However, one thing can be said simultaneously for both large and small organizations, your security IT budget is not something than you can afford to ignore. Because whether you want it to be or not, the healthcare industry will always be near the top of the list of targets for cyber criminals. Yet, solutions do exist. Customizable, scalable, and intuitive ‘packages’ can be selected or deleted to work with your business as you grow. At Steel Patriot Partners, we are your front office for security, we educate, empower, and partner with the entirety of the healthcare sector. We test, schedule, and do checkups just like we do for our bodies.
As an independent practitioner, you are in a unique position regarding the measures and extent you take to safeguard your patient’s data and your practice’s cyber security. Every healthcare professional must follow the same guidelines, compliance regulations, and standards but beyond that, it is completely discretionary. We often forget however, what it’s like to be on the other side. As a physician your job is to save lives, as simple and as difficult as that is, it’s your daily task. If you’re a PA or NP you are practically like a physician, let’s not kid ourselves. Techs run the day to day operations and without them, workloads would not only be overbearing but they would almost be impossible to do during a chaotic day. And if you are in the front office, then you are the heart and soul of the organization. I know many doctors that would sink immediately without the support of their nurses, assistants and administrators. The point that I’m trying to make is that it is blatantly obvious that community and teamwork is vitally important to the success of the practice. The same could be said for the success of your digital network.
Last year, Sen. Mark Warner, D-Virginia submitted a request for “industry input on ways the federal government and the healthcare sector can improve cybersecurity, the Institute for Critical Infrastructure Technology provided feedback and compiled responses from leading industry stakeholders.” Seven, to be exact. Which included the American Hospital Association, American Medical Association, CHIME, Healthcare Leadership Council, HITRUST, and Virginia Hospital and Healthcare Association according to Jessica Davis, at Health IT Security. The seven stakeholders responded with “Meaningful collaboration has proven one of the most under-utilized, cost-effective, and impactful strategies organizations can engage to mitigate hyper-evolving cyber threats,” they added. “Threat sharing initiatives allow for stronger data protection and more importantly, for proactive deterrence options instead of reactive remediation efforts… Collaboration is especially useful to small practices that often lack the resources and data to properly secure and defend their networks, the groups argued. Further, large organizations “are immunized” against compromises by lateral movement from smaller partners’ networks.” Jessica summed up their idea perfectly by saying “the theory is that proactive security can actually alleviate some providers’ costs, as it reduces the risk of fines, lawsuits, ransoms, incident remediations, and other associated breach costs.”
The healthcare industry can no longer play a reactive role when it comes to data security. Respecting the profession entirely, we all understand the stress you are under on a constant basis. However, playing a reactive role leave the brunt of the responsibility on the patient. As if their medical bills and rehab wasn’t enough, having their data compromised could potentially play a catastrophic roll in their future. It is not a lose-lose situation. On the contrary, we provide services that are scalable, intuitive, and cost effective enough to even support a security team that is already in place. Data security is hard. Cyber-attacks occur at a rate of 2,224/day. 43% of which effect small businesses. What’s worse is that 64% of American’s as a whole, have never even checked to see if they have even suffered a breach. So, the data that we can offer, is only based off 36% of the 32.5 million businesses registered in the U.S.
If you are intrigued by any of the topics covered or would like to talk more in-depth about your business’s cyber security, please do not hesitate to reach out. We do not sell. We educate and leave the choice of a partnership to you. At the end of the day, our passion for security and the education we are able to provide, only make us stronger as a community and that is our company mission. Education and empowerment. We work with businesses to make sound security decisions to increase productivity and decrease cyberspace vulnerabilities. If you are interested or know someone who is interested, please give us a follow on social media (Facebook, Twitter, LinkedIn), send us an email, give us a call at 703-297-4405 or contact us directly! Whatever the way, we look forward to hearing from you and appreciate your time for reading our content! Stay secure!