Preventable data breaches routinely affect patient care. The rise of “ransomware,” a hacker’s way of holding data for ransom, has been building a frightful reputation since word broke about Hollywood Presbyterian Medical Center (HPMC) paying for an encryption key back in February. Unfortunately, HPMC was only the tip of the iceberg.
In March 2016, Maryland-based Medstar had their $4.6 billion health system’s infrastructure attacked by cyber hackers. A virus ran rampant across their systems, forcing locations to revert to backups. This occurrence affected patient care first hand; many employees were not able to login or access important data to do their jobs. Patient care was affected and some patients were left helpless.
Over 253 breaches were reported in 2015 with over 112 million records breached. In 2016, so far there have been a reported 81 breaches with a minimum of 500 records per breach.
Data breach attempts are inevitable, but they are preventable if you remain proactively aware of threats and maintain appropriate architectural posture.
How does one achieve this architectural posture? This post discusses a few technological and process enhancements that every healthcare IT infrastructure must utilize to render advanced protection of data, privacy and money.
Protection against malware is an ongoing fight and should not be taken lightly. Around-the-clock maintenance through a multi-faceted approach is necessary while using the correct procedures and tools to make the architecture strong, yet easy to maintain.
NEVER use a built-in OS AV software
Never underestimate the hacker mentality. It is key to shield your infrastructure on the front lines to prevent an escalation to bigger problems down the road. We recommend you invest in an outside venture that considers AV and malware protection its core competency. It is worth the cost, considering the amount of money that could be lost in a breach or paid through judicial penalties.
Putting your money into a protection company is not just for safety of your bank account, but to actively protect your patients’ information and their right to privacy.
Schedule After-Hour Scans
When your doors are shut, hackers see a window of opportunity. It is important to run security scans for integration servers during and after hours of operation. Scheduled reboots and OS log reviews ensure your integration servers do not run into memory leakage or other issues. You wouldn’t leave your garage door open when you’re not home, so don’t leave any opportunities open for data breaches.
Inspect What You Expect
It is key to properly inspect all facets of your security infrastructure on an annual, monthly, weekly and when applicable, daily basis. Upholding mature policies and procedures, including strict patch management, timely eradication of vulnerabilities and consistent reporting will lead to a high level of confidence and allow bandwidth for discrete, fine tuning adjustments.
Transferring ever-greater amounts of information does not have to mean the increased likelihood of a data breach. While a third-party organization is recommended, there are tactics and proper protocol that internal staff can take on to aid security.
If a hacker obtains administrative credentials, they can access critical servers, databases or software within the organization with ease. This can be catastrophic and allows free-reign to wreak havoc under an alternate identity to bring any hospital to its knees. At a minimum, use complex passwords with multiple variations of characters, along with multi-step verification processes (something as simple as an SMS message or email) to verify that the user is exactly who they say they are.
Utilize Both IPS and IDS Systems
Remember the garage door that you should never leave open? Well, utilizing both an Intrusion Prevention System (IPS) and an Intrusion Detection System (IDS) in your organization is like the numerical keypad for that garage door, plus the safe overwatch of a security camera.
It is important to have an IPS, such as a firewall, that aggressively monitors all traffic running through it. More information will pass through it than ever before, so close monitoring is a high priority. Just as important is an IDS to notify the appropriate staff of any suspicious activity. Occasionally, intrusion efforts will succeed, and immediate notification, rescanning and reporting can eliminate these threats.
Interoperability necessitates that we handle thousands of healthcare data transactions an hour. Making sure all of the data is stored and transferred securely is a fundamental tenant of a comprehensive interoperability offering. Develop encryption methods, stick to them and continuously evaluate. At the same time, develop backup protocols that bypass you and store client information securely where they are the only ones granted access.
Seth Hobgood is the Principal and CTO at Interoptex.