Heightened Cybersecurity Threats Require Stronger Safeguards: Part 2

Harris Beach PLLC

If this were a typical year, we’d be gearing up for family Thanksgiving dinners and office holiday parties. But 2020 looks very different, and businesses that have pivoted to working remotely may be suffering from enough “pandemic fatigue” and personal distraction to let their guard down.

From telehealth appointments on secure platforms to department lunch meetings serving whatever is in your refrigerator, health care organizations and their business associates know the new landscape and may assume they’re savvy enough to spot hackers and bad actors. But as phishing scams grow more elaborate and nefarious hackers become more brazen, taking advantage of our new work environment, remote work may only heighten vulnerability to cybersecurity threats.

Building on our blog series, we have compiled more best practices to protect patients and clients, outsmart cybersecurity fraud and avoid identity theft. It’s easy to become complacent, but we must continue to be diligent.

  • Don’t fall for phishing scams. Have you received an email that your password has expired, with a helpful link to reset it? Have you received video conferencing “notifications” that someone is in your waiting room? Have you received a “contact tracing” email from the “CDC” or a panicked request from a colleague requesting your help with an urgent matter? Think before you click: it may be a phishing email. Always verify any request that seems alarming or out of character; demands that you enter personal information; and invites you to click on an attachment. Your IT department will be able to verify legitimate requests and monitor false ones.
  • Practice the “principle of least privilege”: Always secure documents containing sensitive information to only those who require access. Opening access beyond this scope invites an opportunity for users, or hackers, to obtain or change information in unauthorized or unwanted ways. Put another way, this principle limits potential damage and impact of ransomware; and places tighter parameters around any investigation or audit that may arise.
  • Be mindful of voice recognition technology such as Alexa when you are dictating emails or speaking on the phone. By the same token, never leave sensitive information on voice mail.
  • Secure your work files, records and devices as though you are in the office. Lock your devices when you step away, and always obtain permission before you take papers home.

Use encryption technology and other “send secure” best practices when you’re sending or replying to emails that contain personal or sensitive information – even if it adds an extra step or layer of deciphering, and even if you didn’t receive it encrypted. Health care organizations and business associates need to hold themselves to the highest, most unimpeachable standards.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Harris Beach PLLC | Attorney Advertising

Written by:

Harris Beach PLLC

Harris Beach PLLC on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.