Above all else, the COVID-19 era is a time for organizations to retrain employees on the importance of technical and physical security standards and to implement policies if these standards are inadequate or missing altogether.
Explore This Issue
October 2021
Above all else, the COVID-19 era is a time for organizations to retrain employees on the importance of technical and physical security standards and to implement policies if these standards are inadequate or missing altogether.
Finally, it’s important to note that healthcare organizations are made up of individuals with disparate training and experience, some of whom do not have technical certifications or expertise in maintaining the security and confidentiality of PHI. As a result, it’s particularly important for organizations to provide education and continued support. An organization whose employees have an understanding of the types of threats that cybersecurity and physical security protect against will foster an environment of vigilance and bolster its defense.
Looking Forward
The technology implications of the COVID-19 era have created significant opportunities for cybercriminals. Since the beginning of this year, there has been a sharp increase in the number of phishing and ransomware attacks, among other cyber issues. Now is the time to identify your risks and vulnerabilities and take steps to mitigate those threats in order reduce the risk of becoming a victim of a cyberattack.
It’s highly recommended that you review your policies and procedures, develop and test your incident response plan, and frequently train employees on identifying and responding to cyberattacks.
Steven M. Harris, Esq., is a nationally recognized healthcare attorney with McDonald Hopkins LLC. Contact him at sharris@mcdonaldhopkins.com.
Reprinted with permission from the American College of Rheumatology.