There’s some bad news for healthcare: the industry is one of the top targets for cyber threats, according to IBM X-Force’s 2016 Cyber Security Intelligence Index.
And here’s another dose of bad news: Employees are the weakest link when it comes to cyber security. Verizon’s 9th annual Verizon Data Breach Investigations Report found that abuse of privileges, lost or stolen credentials and other errors most often caused data breaches.
Healthcare has a lot to lose when a data breach happens. Instead of a single account (as with financial theft), hackers can receive a lot more sensitive information from health records. It’s also a huge—and possibly very costly—HIPAA violation, because healthcare providers are responsible for keeping patient information private.
These findings make it clear that healthcare employees need to stay watchful to protect patients, and themselves and their organizations, too. Here are the top four habits you can adopt in your workplace right now to guard against a cyber threat.
Follow the protocol.
Yes, changing your password every few weeks might be frustrating. It takes time to work through your system’s safety protocols and encryption. But it’s still hugely important to follow the policies set down by your employers. They are specifically developed to protect you and your facility from cyber threats. And with the millions of healthcare records stolen in 2015 alone, those steps are a much better alternative to addressing a data breach. Imagine how time consuming that would be.
Never give away your information.
Cyber hackers aren’t just out-of-sight thieves tucked into secret pockets of the Internet. They can also show up in-person to try and gain access through lax employees. To ensure cyber security, never give out your login or other sensitive information. Also don’t leave post-its with your password around your office or workstation. This is especially true of larger workplaces, where people can slip in and out unnoticed. Be safe and keep private information private.
Don’t click that link.
In fact, don’t even open an email from someone you don’t know, but especially don’t click any links inside. Many phishers will send malicious emails to unsuspecting employees. According to the Verizon report, targeted employees opened 30 percent of malicious emails, and 12 percent of those targets also clicked on the link inside. Don’t let that 12 percent be you.
Report suspicious activity.
If you’re in doubt, always tell your supervisor or IT department about anything suspicious. It’s better to investigate possible threats than to let a credible cyber threat slip through. If you receive a strange email or experience something out-of-the-ordinary on your computer, report the incident.
Keep in mind that these tips are general. Your office or facility probably has a much more detailed guide to keeping health records safe, so be sure to check in with your employers. And always make sure to guard against cyber threats at work. Your patients’ records and wellbeing might depend on it.