Cybersecurity Investment in Fundamental Tools and Training Is Key to Securing Your Healthcare Organization

According to Ryan Witt, Vice President, Industry Solutions at Proofpoint, Inc., phishing emails are still the most prevalent and dangerous sources for security breaches. In this video, Witt and Joshua Roth, Chief Information Security Officer at Children’s Hospital of Orange County (CHOC), discuss how they protect against breaches through fundamental investments in tools and training. This interview with Healthcare IT Today took place in the shadow of the recent cyberattack on Change Healthcare, which is still preventing thousands of health care providers from receiving payments. Witt says that training, processes, and technology can all play a role. There are tools not only to trap suspicious email, but to authenticate the person who sent an email message. Roth says that attacks can target particular job titles and departments, but that everybody is at risk, and sometimes people get more attacks the longer they have worked for the institution. Witt lists HR, finance, payroll, and clinical research as being commonly attacked, along with foundations. At CHOC, cybersecurity training starts at orientation. The hospital uses actual phishing email and SMS messages that have come in to do simulations that teach staff how to recognize fake requests for credentials. The team tries to make people feel proud when they find and report a phishing attempt. Incident response is also “essential,” and staff must learn how to restore data and applications quickly after a cyberat...
Source: EMR and HIPAA - Category: Information Technology Authors: Tags: AI/Machine Learning Ambulatory C-Suite Leadership Health IT Company Healthcare IT Hospital - Health System LTPAC Security and Privacy Children's Hospital of Orange County CHOC Healthcare Breaches Healthcare Credentials Breach Healt Source Type: blogs