by Julius Heil, President and CEO, Intalere
More than 40 percent of data breaches occur in healthcare, so like it or not, cybersecurity is a boardroom issue for healthcare entities. Today’s hacker is not necessarily a brute force person that goes in and actually attacks your system and figures out where it is most vulnerable. Today’s hackers are more prone to use social engineering. Things as simple as somebody dropping a thumb drive with nefarious purposes outside of a facility. Our good nature as human beings will be to take it inside and plug it into our computers to find out who it belongs to and get it back to them. They take advantage of that. They’ll call in and they’ll pretend to be somebody else, but they hack the user, because if they can get valid credentials at any level, they get access to everything.
In this environment, every healthcare provider must understand how prepared their organization is from cyber-attacks in terms of compromising personally identifiable information or confidential data such as electronic protected health information, and develop a security plan. Plans should include areas such as:
- Assign security responsibility.
- Conduct risk analysis.
- Develop a security strategy and policies.
- Develop a corrective action plan.
- Train staff.
As part of their cybersecurity plan, healthcare providers should also include a plan to purchase cryptocurrency. This may seem like a stretch, as this is still a burgeoning and unknown industry, but if you are hacked, every minute you are down, puts you at further financial risk. Cryptocurrency can be purchased and held in reserve as part of a contingency or continuity strategy.
Cryptocurrency is based on the blockchain concept, which is very much currently in use in the financial industry. Its strength is that it offers security through transparency. It’s a distributed system where the information is disseminated to a wider number of systems, but to hack it, unless all 8, 10 or 50 of those systems contain the exact same information at an instance in time, the transaction doesn’t go through. So, in order to defeat it, you would have to hack all those systems simultaneously.
Check out the latest video, Protect Yourself, in our Flash Series and stay tuned in the coming weeks for more posts and videos about 12 Things Healthcare Must Achieve.
You can also download the executive briefing at Intalere.com.