Caution
What to Look For
For healthcare workers, we warn that the imminent threat on your patients information is coming, not that it is going to happen, but that it will. Its a matter of when. Being prepared for it is the best solution. It's best to have a staff of IT specialists that can help protect and secure the information to the best of their ability. As this information is Protected Health Information, they are under the HIPAA restrictions as all healthcare workers are, in order to complete the necessary job of securing it in our electrical systems.
Hoala Greevy from Security Magazine notes a couple different things to watch for. They note that not training or not being trained in cybersecurity measures as part of your job introduction to the field is a disservice to you. They found that "human error accounted for 33% of healthcare breaches in 2020 alone." That's hard to believe, however human error is always at play in these situations. They conclude that training staff on how to recognize breaches in security will drastically reduce the damage being done by hackers.
Greevy also discusses the use of many different healthcare "portals," including email portals. We can consider the main portals any electronic home website used to communicate health records. These are used specifically for patients to give health records to the doctors office. These doctors offices also used portals on a computer, connected to a network database of all patient records, to record, report, and note anything about the visit a patient might have. These portals are what they use to send prescriptions over to the pharmacy of the patients choice. These portals help keep information safe for the doctor, to some extent, however it leads the hacker to target the patient more readily, because its easier to target them.
So, its a good idea to have 2 factor authenticity. However cumbersome it has become, it is a wonderful tool that "makes it difficult for a cybercriminal to gain unauthorized access to an account and, in turn, an entire organization." This can help deter the hacker from even trying to make an illegal snatch of PHI. Apparently, Greevy reports, Microsoft says that 99% of compromised accounts resulted from not using 2 factor authentication. Its a game changer in the 20th century that might be added upon in the next 20 years. I would not be surprised if there are 3 or 5 factor authentications added to many different systems. You'll have to show your ID, text your phone, email yourself a code, synthesis a genome from your blood, and use your fingerprints to log into your bank accounts.