
3 Biggest Cybersecurity Mistakes Medical Practices Make

By Guest Post 

Healthcare is no longer just about curing ailing patients. Medicine requires securing your patients’ Protected Health Information (PHI).

Even though HIPAA has been around since 1996, last year the industry averaged a breach a day, affecting 27,314,647 patient records (Protenus). Even with millions of dollars paid in fines (in February, a Miami, Florida non-profit paid $5.5 million to settle a HIPAA case and a Dallas-area hospital paid a $3.2 million HIPAA penalty, according to an MSPmentor report), most medical practices don’t know what to do when it comes to securing their PHI. We regularly see these 3 cybersecurity mistakes at medical practices.

3 Biggest Cybersecurity Mistakes Medical Practices Make

  1. Unsecured Mobile Devices – Many medical practices use tablets when seeing patients because it is easier and more economical than adding computers to each patient room. Even with traditional workstations, like towers and laptops, most doctors and staff access patient data via their smartphones, and these phones must require a passcode to unlock.

    Without a passcode, any time the phone is out of the doctor’s possession, such as when it is left in a taxi, at a restaurant, or elsewhere, that can be considered a data breach. Also, medical practices should not use one universal username and password for every device and internet login.
  2. Not Protecting Physical Assets – You can further protect your data and minimize the risk of a breach by encrypting the hard drives on all devices, including tower workstations, because hackers have stolen physical computers. This happened in March at LSU Research.
    Besides encrypting hard drives, best practices include securing your server in a locked room and shredding your hard drives when you decommission them.
  3. Unsecured Communications With Patients – HIPAA requires secure communications when sending PHI outside of your network, whether to a consulting physician, a hospital, or the patients themselves. This communication includes email, text, and messaging.

One of the biggest reasons medical practices make so many correctable cybersecurity mistakes is that no one on staff understands cybersecurity. Instead, they rely on a jack-of-all-trades “IT guy” who is always reactive and doesn’t keep up with industry changes, leaving his clients out of HIPAA compliance. A good IT firm will help you secure your network and be HIPAA compliant, which starts with signing a Business Associate Agreement with your IT firm.


© 2020 My IT. All Rights Reserved.