Fighting cybercrime and security threats in healthcare IT

Fighting cybercrime and security threats in healthcare IT

In today's world of technology where cyberattacks are more prominent than ever, all industries are susceptible to security threats. However, as the healthcare industry transitions from a pen and paper approach to electronic health records, healthcare networks become even more vulnerable than ever before.

Cybercrime in healthcare
The 2015 Healthcare Information and Management Systems Society Cybersecurity Survey released in June found that 66 percent of organizations had experienced some type of security threat. Of those threats, the majority only slightly disrupted IT systems, while 21 percent of them resulted in the loss of patient, financial or organizational information. Many believe that more advanced security measures and available tools are needed to combat the potential threats.

When it comes to healthcare information, those looking to profit from medical records and patient information know exactly how to break into the system. The good news, however, is that according to the HIMSS survey, 87 percent of respondents reported that cybersecurity became a key priority and more than half of those respondents have allocated a full-time resource to take on the issue.

How to fight the attacks
On Oct. 4, well-known security specialist and author of "Spam Nation" Brian Krebs spoke to an audience of CIOs and IT executives about cybercrime. In a telling speech, according to PC magazine, Krebs delivered the alarming news that while hackers are gaining success in their methods, industry officials are remaining blind to the full potential of these cyberattacks. The majority of firms are missing the mark on simple security measures. 

Perhaps the biggest takeaway was Krebs' notion that computer networks can only be two of three things. They can be fast, secure or easy to use, but not all three. More often than not, according to PC magazine, firms choose to put efficiency first, meaning that network security is not always the main concern. Although Krebs was not speaking directly on healthcare IT, his five tips for fighting cybercrime can still be implemented into industry practices.

  1. Segment computer networks and ensure that only those who need access are granted the privilege.
  2. Always have a plan for a potential network breach. Set up a response team and chain of command to take action if a threat arises.
  3. It is effective to use real-life examples of lapses in security when teaching staff members how to handle one. Understanding a concrete example will help train staff how to approach a real threat.
  4. Educate and practice often, until fighting a cyberthreat is perfected.
  5. Include all partners in the security plan.