Smaller health systems struggle to follow cybersecurity best practices

Mackenzie Garrity

Smaller healthcare providers are more likely to struggle to follow cybersecurity best practices, while large healthcare providers tend to have mature, sophisticated defenses, according to a KLAS and CHIME study cited by the HIPAA Journal.

KLAS and CHIME examined the responses to the 2018 Healthcare's Most Wanted survey that was issued to around 600 healthcare providers.

Responses showed that large healthcare organizations are more proactive and conduct regular vulnerability scans. Smaller healthcare organizations rely on penetration tests to identify vulnerabilities.

Large healthcare providers were also more likely to have governance, risk management and compliance committees. Smaller healthcare organizations were less likely to use network segmentation and multifactor authentication.

HHS formed a task force in 2015 to help healthcare providers manage risks. Here are nine principles for providers to follow:

  1. Email protection systems.
  2. Endpoint protection systems.
  3. Access management.
  4. Data protection and loss prevention.
  5. Network management.
  6. Vulnerability management.
  7. Incident response.
  8. Medical device security.
  9. Cybersecurity policies.
