There are 10 foundational steps hospitals must take to protect patient data from cyberattacks, AT&T Healthcare Vice President Steven Mitchell wrote in a helpnetsecurity.com op-ed.
Here are Mr. Mitchell's 10 recommendations.
1. Work with a third-party to identify any weaknesses in the systems.
2. Implement "the right alarms and tools," such as products and services that control data flow in a minimally disruptive fashion.
3. Secure all devices, including phones, computers and connected medical devices.
4. Use encryption and authentication protocols to "disconnect and protect old technology."
5. Deploy tools like user-behavior analytics to monitor staff access.
6. Use global analytics models to monitor inbound and outbound hospital traffic.
7. Test all systems — regularly — for vulnerabilities.
8. Educate employees to ensure they stay "vigilant."
9. Ensure vendors' systems and communications tools are up-to-date. "They can be a weak point, and you may be liable," he wrote.
10. Establish a breach response plan, just in case. "Prepare for the worst … Tomorrow's new technologies and trends will bring new vulnerabilities," he wrote.
However, he also emphasized the need to establish policies outside of technological solutions, such as developing leadership, board buy-in and corporate culture. "Technology alone won't solve for the growing risk of a cybersecurity breach," he wrote. "Doctors, nurses, technicians, lab workers, office staff and more must all play their part to keep patient data protected."
Click here to read the full article.
More articles on health IT:
Windows 10 web browser helps detect malicious websites, downloads
Senators to ban Kaspersky Lab software in DOD budget
Tech startup launches campaign to forgive $16M in medical debt