In the wake of recent ransomware attacks, it is essential for healthcare organizations to assess their security risks and implement procedures, process and other tools to identify and mitigate cybersecurity risks.  In a recent Healthcare IT News article, a survey indicated that healthcare organizations account for 34% of all data breaches yet healthcare is trusted above all other industries to protect personal information – 63% of consumers responded that privacy and security was most important when visiting a healthcare provider.

What is your organization doing to maintain patient trust in protecting personal health information?

• Conduct a risk assessment and vulnerability scan to identify your risks; consider receiving a scan from the National Cybersecurity Assessment and Technical Services
• Review all relevant guidance including the May 15, 2017, Department of Health and Human Services “International Cyber Threat to Healthcare Organizations”
• Stay connected with local and national law enforcement to obtain healthcare intelligence
• Know who to contact if you are affected by a security risk including ransomware attack
• Educate your organization – IT will likely not be your front line!
• Continuously audit and monitor – develop an effective and efficient plan based on your risk assessment