The Door Is Open. Just Walk On In.

May 09, 2016

bigstock-Internet-Security--Laptop-and-60896051.jpegYou don’t have to be a Denver public relations pro to know that cyber security is keeping healthcare executives up at night.  Just ask the IT security experts who spoke at a recent Prime Health cyber security conference in Denver.  All agreed that the threat to healthcare organizations from data breeches, ransom ware and lawsuits is very real.  So why doesn’t everyone have a crisis communications plan? Why do so many healthcare organizations keep their heads buried in the sand?

According to the Prime Health panelists, ransom ware is a major threat.  Identity theft is a big reason for healthcare hacking because electronic medical records can be easily monetized.  We don’t monitor Medicare numbers like we do credit reports so selling Medicare numbers is big business. It’s an easy way to get a lot of information, including government information and prescription records that foreign intelligence agencies love to steal.  From organized crime to espionage, if your system is vulnerable they will find a way to exploit that vulnerability. 

The easiest way into your system is through what the panelists called stupid human problems.  Typically, an unsuspecting employee opens a fishing email that looks like it comes from a boss or colleague. Now the door is now wide open. The email might come to the employee through a personal email address or mobile app. Maybe it targets a mobile device or home computer since more and more work gets done remotely.  It’s like leaving the key in the front door when you leave your house.

Oh, and that medical device in your OR that you thought was secure?  All it takes is a surgeon bringing in some medical imaging on a flash drive and inserting it into a monitor. Now the system is infected and the hackers have access to all your medical data.

Are you using an old version of your software without the latest security patches? Are you using open source software that allows hackers access to your source code? Does your credentialing system allow passwords to be easily stolen and did one of your employees unwittingly share his password with a cyber thief?

Hopefully by now you are asking yourself, “Hey, do we have a crisis plan?” Because when you demand that your patients hand over their credit card, driver’s license and insurance card, you are implying that their personal financial and medical data is protected. And we all know what happens when your consumers lose trust in your brand. Once your reputation is damaged, it takes a long time to repair it.

So what steps should healthcare organizations take to minimize their risk?

  • You can begin by identifying the threats and restricting access to data to the employees that need to manage that data. Assume every entry point is a threat.
  • Training is critical. Help your staff understand the threats and train them on preventive measures, like how to recognize fishing emails.
  •  Mobile devices and laptops are easy to steal. Put protocols in place to prevent theft. Look for simple solutions like encryption. It’s easy but not everyone does it.
  • Only keep the data you actually need. Do you really need someone’s driver’s license? Can you delete some data after a certain period of time?
  • Have a crisis communications plan! Anticipate the problems and have a plan in place to help you respond quickly and communicate effectively with key stakeholders.  This can help you minimize any long-term damage to your reputation.

If you are in the healthcare business, data breeches are a serious threat. Cyber security is an essential part of doing business in the digital health universe. Ask an expert to assess your risk. Get your head out of the sand!

Pushkin PR can help you prepare for and manage a crisis. Let us know how we can help. 



Tags:

Jon Pushkin

user_avatar

Jon Pushkin is the president and founder of Pushkin Public Relations, a full service Denver PR firm. He likes dogs, baseball and swing, in that order.


Add Pingback
blog comments powered by Disqus

Category List


Tag List

Denver Social Media (4)
crisis PR (9)
Nonprofit PR (3)
Colorado healthcare pr (2)
healthcare communications (1)
Our Clients (1)
healthcare AI (1)
social media (2)
Instagram Story Business (1)
search engine marketing (1)
PR Tactics (7)
crisis communications denver (2)
Denver Public Relations (16)
crisis pr denver (4)
colorado public relations (5)
denver heatlhcare pr (1)
event pr denver (2)
Communication Strategy (2)
public relations denver (6)
Public Relations (24)
Festival Crisis PR (1)
healthcare pr denver (3)
crisis pr Colorado (3)
Denver Healthcare PR Firm (9)
Instagram for Business (1)
Media Relations Denver (1)
denver healthcare pr (2)
Festival Communications (1)
Instagram (1)
media relations (1)
denver crisis commuications (1)
denver crisis communications (1)
PR (3)
health literacy (1)
crisis public relations (4)
Denver Public Relations, Denver PR (8)
healthcare public relations denver (1)
Denver Nonprofit PR Firm (7)
public relations companies (1)
healthcare (6)
Festival Crisis Communications (1)
Branding (2)
Event Communications (2)
SEO (1)
denver communications (1)
healthcare pr (7)
Crisis Communications (15)
health communications (3)
Event PR (2)
denver branding (1)
Instagram Story Mistakes (1)
Social Media for Business (2)
nonprofit pr denver (1)
Denver PR (14)
Instagram Stories (1)
Festival PR (1)
Festival Crisis (1)
public relations agency (1)
Denver PR Firm (11)
Digital Strategy (2)
Denver Public Relations Firm (7)
Public Relations Update (3)
healthcare public relations (3)
denver (2)
colorado pr (3)
PR Denver (7)
Event Public Relations (1)

Archive

© 2019 Pushkin Public Relations. ALL RIGHT RESERVED

Site Map