Data breaches in healthcare are becoming a common occurrence, and 2019 continues to prove that small and large organizations are susceptible to cyberattacks. The increase in successful attacks is a stark reminder that more emphasis must be placed on fortifying the different security layers that keep patient data protected. Failure to do so can lead to noncompliance, expensive fines and reduced reimbursements.
These risks are forcing healthcare executives to take a serious look at the different security layers they are putting between their organizations and possible cybercriminals.
Endpoint security layer
Endpoint protection on every device hospital staff use to access patient data requires appropriate cybersecurity tools that detect and block malicious code, whether it arrives as ransomware, other malware or an attempt at remote code execution. Products from Trend Micro, Symantec, Microsoft and Cisco all offer endpoint protection.
Network security layer
Monitoring network traffic and activity to identify and block attacks that originate inside the network is another important aspect of keeping patient data protected. Network monitoring tools and scanners such as Nessus, Microsoft Advanced Threat Analytics and Cisco Stealthwatch all provide visibility into what is happening on the network.
Perimeter security layer
Firewalls and other perimeter security tools block attackers from scanning or accessing systems from the outside. This public-facing layer is extremely important to protect, as it keeps the hospital's systems hidden from bots and cyberattackers and helps defend against denial-of-service attacks, port scans and other attack methods. Companies like Cisco, SonicWall, Barracuda Networks and Palo Alto Networks provide these tools to healthcare organizations.
Application security layer
Application security takes the form of security policies and procedures implemented in the electronic health record (EHR) system and other systems that hold sensitive data. Healthcare CIOs must ensure that their IT administrators have standard operating procedures for granting access to end users, along with training on how access is handled. From a security standpoint, the strength of this layer depends heavily on the application itself, so IT must work closely with the application vendor to understand the vendor's security best practices and ensure they are followed.
Physical security layer
Controlling physical access to servers and network appliances is just as critical as password protecting servers and other important systems. Anyone with physical access to a server can steal or tamper with its drives and its network connections. While this may seem obvious, HIPAA explicitly requires physical safeguards for devices that have access to electronic protected health information.
Human security layer
One of the last fronts on which a hospital must ensure it has adequate protections is the human layer, and it is likely the most targeted and vulnerable one. Staff and employees whose credentials allow them to access one or more patient files are scammers' and cybercriminals' favorite targets. Attacks include phishing email messages impersonating managers or even federal agencies. While IT's role here is mainly to provide security training to end users, IT can also help on this front by implementing improved email protections that filter out phishing messages and by blocking known spam calls on mobile devices.
With the never-ending news cycle reminding everyone that data breaches are becoming the norm, hospitals should not let their guard down and simply accept that they, too, will fall victim to one of these attacks. CIOs and chief medical informatics officers can beef up their protections across the different layers, and further discourage and mitigate attacks, by identifying any gaps they have and closing them with the appropriate tools and resources.