Cyber-Security in Health Care: 10 Ways to Fight the Threats
Cyber-security is an ongoing concern for health care organizations. The Health Information Trust Alliance (HITRUST) has engaged in a written debate with lawmakers on how to proceed with cyber-security strategies. There is a sense of urgency in this discussion because medical equipment poses a serious threat to not only hospital networks but patients' privacy and lives. Even the common problem of data breaches can be costly for health care organizations. When protected health information (PHI) is compromised in a hospital network, violations of the Health Insurance Portability and Accountability Act (HIPAA) can occur, leaving health providers liable for up to $1.5 million in fines from the federal government. Cyber-crime is often the work of financially motivated criminal groups that attack smaller, low-risk targets to seek payment for fraud schemes, according to Verizon's "2012 and 2011 Data Breach Investigations Reports," released on Oct. 24. Attacks were focused on hacking and malware as well as point-of-sale (POS) systems, according to Verizon. In this slide show, we share some tips on how health care organizations can approach cyber-security.
Deploy Advanced Network Monitoring
To combat cyber-security threats, health care organizations should deploy advanced network monitoring tools containing software algorithms and rules that can detect when patient health information is compromised, Jared Rhoads, senior research specialist at CSC, an IT services provider, told eWEEK. The algorithms can flag a threat so that an information security team can respond. "PHI can be detected on a certain port, which should only be for normal Web traffic or unsecured email," he said. "These are automated tools and pieces of software that monitor things as they're already happening," said Rhoads. "Once you get them and put them in place, they work around the clock and they're extra eyes on this whole problem."