Ransomware, phishing, and data breaches! Oh my! Cybersecurity resources for health centers to prevent, respond, and recover from cyber-attacks.
This year, together with our partners at Association of Clinicians for the Underserved, Healthcare Ready launched ARCHER, an initiative delivering emergency preparedness trainings and resources to community health center staff in geographies facing higher-risk for natural disasters and other emergency events.
On March 7, 2022, we held the Cyber Security for Community Health Centers webinar, the 4th in our emergency preparedness webinar series for community health center staff. Hosted by Brandon Lockett from Neutron Engineering, the 1-hour webinar covered information ranging from:
- Common cyber-attack that facilities are facing,
- Vulnerabilities to be aware of, and
- Best practices for health centers to adopt in safeguarding systems and patient information.
In a world where information is increasingly stored digitally and online, cybersecurity infrastructure has simultaneously grown exponentially while becoming more vulnerable, especially in the healthcare center. With increasing digitalization of information, health facilities have invested in hardware and software upgrades, though the improvement of systems does not always translate to more security of information and operations. Healthcare data is a prime target for cyber-attacks—specifically ransomware and data breach attacks. While much of the information published in cyberattacks has been on the high-profile attacks on large systems all over the world, small community health centers also suffer from cyber-attacks such as phishing and malware.
Other resources to help health centers begin enhancing their cybersecurity infrastructure include:
- Our infographics on password strength and security to share with staff in office and online. (Listed below.)
- Cybersecurity and Infrastructure Security Agency’s (CISA) Free Cybersecurity Services and Tools
- CISA’s Known Exploited Vulnerabilities Catalog that lists software that needs to be updated so as to patch existing vulnerabilities
- Hygiene Vulnerability Scanning emails from CISA that conducts weekly scans of your systems and compiles a report that details weak configurations and vulnerabilities for internet facing systems. Email: firstname.lastname@example.org
Lastly, if your organization does not yet have cybersecurity protocols in place and are not sure where to start, FINRA has created a excel book checklist for small firms. Though this resource’s primary audience is small financial firms, it offers templates for vulnerability assessment, password protection, encryption tracker, employee device tracker, and much more. It can serve as a starting point for health centers to get their cybersecurity protocols codified and implemented.
Though cybersecurity can seem like a daunting topic and take the back seat to the other issues facing health clinics every day, protection patient health and delivering quality care is contingent upon having strong cyber security practices. To continue to explore and engage in ways to invest in preparedness, you can visit our ARCHER resource hub to review past webinars/trainings and resource. Additionally, should your healthcare clinic be interested in more tailored training to meet your needs, or to participate in upcoming trainings, email us at email@example.com.