Page 1


HealthCare Breaches Map


e-mail • 2 factor authentication is the best defense • Alert on auto forward rules • Beware urgent email asking for your credentials – don’t give them! • Be wary of unusual email from people you know – their account could have been compromised


Passwords • Length is the single most important factor • Take the Test: https://www.my1login.com/resources/pass word-strength-test/ • No frequent expiration • Use of a Password Manager like LastPass or 1Password • Never reuse work passwords for any other sites https://pages.nist.gov/800-63-FAQ/#q-b5


3rd Parties • • • • •

EMR provider support/host Line of Business application providers Managed IT Service providers Printer/Copier support vendor Cleaning company

• What is in your contract about data security? • What is in your contract about downtime? • How are your vendors training their staff on HIPPA Security?


• Pre-employment screening • Separation of duties • Minimum access to data to perform the job • Cybersecurity training for staff on hire and annually thereafter


Managed Security Services • Daily log review • Threat Hunting • Breach detection • Insider threat mitigation • Incident Response by trained team • Alerting 24/7/365


Managed Security Services • Manage O365 security • Web based cybersecurity training portal • Annual HIPAA Security Risk Assessment • Phish testing • Quarterly Vulnerability scanning


Resources • Global Cyber Alliance Toolkit • Center for Internet Security • HHS Cyber Security Guidance • Integrity IT

Profile for Integrity IT

Security Presentation  

a brief overview of top security issues for healthcare

Security Presentation  

a brief overview of top security issues for healthcare