Summary: <a href="https://www.complianceandethics.org/wp-content/uploads/2015/02/turteltaub-adam-200x200-150x1501.jpg"></a>Posted by: Adam Turteltaub<br> <br> The war in Ukraine and pandemic have both dramatically changed the cyberthreat landscape for healthcare entities.<br> <br> There are many more employees working from home, as well as patients communicating with their physicians remotely. At the same time, governments have warned of potential cyberattacks by Russia.<br> <br> Even without these threats, ransomware provides its own challenges. As <a href="mailto:blaise.wabo@a-lign.com">Blaise Wabo</a>, Healthcare and Financial Services Leader for <a href="http://www.a-lign.com">A-Lign</a> explains in this podcast, it’s a fast-growing threat. Deloitte research indicates that ransomware attacks increased by 1755% in 2021.<br> <br> So how should healthcare entities respond? Start by focusing on your people, he advises. They tend to be the weakest link in the security chain. Some common challenges:<br> <br> * A lack of encryption of their home WIFI<br> * Routers still with the default password<br> * Connecting from Starbucks, the airport or hotel without using a VPN<br> * Falling for a phishing attack<br> <br> To manage the risk, he recommends starting with a risk assessment that includes third-party suppliers and your supply chain. Determine the vulnerabilities and rank the risks. Then begin implementing controls. Encrypt PHI, even in transit. Conduct phishing training for your staff. Hire a third party to do a penetration test and identify gaps in your security.<br> <br> In addition to preventing problem, steps like these can help when one occurs, given the provisions of the HIPAA Safe Harbor Act.<br> <br> Listen in for more advice and learn how to navigate an increasingly challenging cyber landscape.
