Cybersecurity Tips for Clinicians Working from Home

The pandemic continues to create the need for data sharing and collection to increase among care teams, patients, hospitals, vendors, and a variety of other organizations. Due to this surge, cybercriminals are launching attacks on facilities and healthcare data. To add to this, many clinicians are currently working from home and providing care virtually. This presents opportunities for cybercriminals to infiltrate systems and prey on vulnerabilities of the system and the end user. In light of the pandemic, cyber threats like phishing, ransomware, and malware attacks continue to climb and evolve.

While cybercrimes aren’t new to the healthcare industry, the theme of the tactics have changed. According to Microsoft, COVID-19 themed attacks hit nearly 90,000 between the week of May 31^st and June 6^th. These types of attacks are happening across the globe. Best practices for avoiding these scams need to be discussed and understood by members of your practice.

Working from Home Cybersecurity Tips

• Phishing scams continue to be a threat – be wary of opening documents or clicking links from unknown senders. These types of attacks have increased as hackers try to access medical data. Be sure to check the domain of an email address if the message of the email looks “phishy” as well. Many times a hacker uses many of the same elements of user email address they are trying to emulate when creating a phishing scheme. Always be alert.
• Utilize a private network or cloud-based service(s) to remote into your work computer. This includes accessing your practice management or EHR system.
• Multi-factor authentication for logging into business and personal accounts significantly limits the ability for hackers to access data points. Ensure that lockout features are enabled in case of multiple failed login attempts – this should also alert you in case your account encounters any suspicious login activity.
• Ensure that all operating systems – whether you are utilizing a cell phone, PC, or tablet – are up-to-date on system and security updates.
• Protect your home’s network with a strong password, if utilizing WiFi connection frequently. Strong passwords should contain a combination of numbers, letters, and special characters.
• Remove any unnecessary patient medical information from personal devices that poses a threat if a hacker accessed your device. This not only saves you if a hacker infiltrates your local machine but creates less concerns when it comes to HIPAA. (Ensure that all of this patient personal data is first transferred to your EHR system!)

Other resources:

Many practices have been working from home for the past several months to ensure exposure risk is minimized for staff, providers, and patients. Some of these measures may have already been taken, while others may still need implemented. As you work towards a more secure work from home environment, delve into these resources to help you guard your practice, local machines, and data against outside threats…

• American Medical Association: Working from Home During COVID-19 Pandemic
• Becker’s Health IT: 10 Cybersecurity Tips for Clinicians Working from Home During the Pandemic
• Health Tech: How to Stay HIPAA Compliant from Home

Key Takeaways:

As you and members of your staff continue to work from home throughout the pandemic, there is likely to be challenges faced. We encourage you to remember the following takeaways:

• HIPAA rules and requirements stand regardless of where you or staff perform work.
• Ensure that system and security updates are taken care of on local and remote machines.
• Notify staff of phishing attempts made across the network.
• Frequently remind your team of tips and tricks to remain safe from cyber criminals.
• Implement multi-factor authentication, where applicable, for an added layer of security.

Outside threats to your network will always exist. Mitigate those risks by continuing to stay vigilant, minimizing vulnerabilities, and staying up-to-date on cybersecurity protocols.

Are you looking for a solution to help you address network vulnerabilities and keep your data safe? Data Guardian Pros, MicroMD Solutions Partner, addresses vulnerabilities and risks that your practice faces, working from home or not. Find out more at micromd.com/marketplace or call us at 800.624.8832.