1. Cybersecurity

    AHIMA Issues Cybersecurity Plan for Healthcare Organizations

    Dec. 18, 2017
    Cyber attacks against the healthcare industry are growing at an accelerated pace, and to help healthcare organizations strengthen their cybersecurity programs and defend against a cyber attack, the American Health Information Management Association (AHIMA) recently released a 17-step cybersecurity plan.

    Cyber attacks against the healthcare industry are growing at an accelerated pace, and to help healthcare organizations strengthen their cybersecurity programs and defend against a cyber attack, the American Health Information Management Association (AHIMA) recently released a 17-step cybersecurity plan.

    AHIMA notes that Information governance (IG)—the development of an organization-wide framework for managing information throughout its lifecycle and supporting the organization’s strategy, operations, regulatory, legal, risk and environmental requirements—is a critical organizational initiative that healthcare organizations must embrace in order to thrive in the environment of cyber threats and attacks in healthcare today. Once information governance program is created and implemented, a cybersecurity plan needs to be reviewed at least quarterly to ensure the organization is taking the necessary steps to prevent or detect an attack.

    The 17 steps that ANIMA recommends as part of a complete cybersecurity plan are:

    1. Conduct a risk analysis of all applications and systems
    2. Recognize record retention as a cybersecurity issue
    3. Patch vulnerable systems
    4. Deploy advanced security endpoint solutions that provide more effective protections than standard antivirus tools
    5. Encrypt the following: workstations (high-risk) and laptops; smartphones and tablets; portable media and backup tapes (if tapes are still being used)
    6. Improve identity and access management
    7. Refine web filtering (blocking bad traffic)
    8. Implement mobile device management (MDM)
    9. Develop incident response capability
    10. Monitor audit logs to select systems
    11. Leverage existing security tools like Intrusion Prevention System/Intrusion Detection System (IPS/IDS) to detect unauthorized activities
    12. Evaluate business associates
    13. Improve tools and conduct an internal phishing campaign
    14. Hire an outside security firm to conduct technical and non-technical evaluations
    15. Prepare a “State of the Union” type presentation for an organization’s leaders on cybersecurity
    16. Apply a “Defense in Depth” strategy
    17. Detecting and preventing intrusion

    Continue Reading

    Sponsored Recommendations

    Six Cloud Strategies to Combat Healthcare's Workforce Crisis

    The healthcare workforce shortage is a complex challenge, but cloud communications offer powerful solutions to address it. These technologies go beyond filling gaps—they are transformin...

    Transforming Healthcare with AI Powered Solutions

    AI-powered solutions are revolutionizing healthcare by enhancing diagnostics, patient monitoring, and operational efficiency - learn how to integrate these innovations into your...

    Enhancing Healthcare Through Strategic IT and AI Innovations

    Learn how strategic IT and AI innovations are transforming healthcare - join Tomas Gregorio as he explores practical applications that enhance clinical decision-making, optimize...

    The Intersection of Healthcare Compliance and Security in the Age of Deepfakes

    As healthcare regulations struggle to keep up with rapid advancements in AI-driven threats like deepfakes, the security gaps have never been more concerning.