
A Look at Some Best Practices in Healthcare Cybersecurity

June 29, 2017 - In a previous post, we examined the reasons why healthcare organizations must make it a priority to ensure the security of their data. This post will explore resources for managing cybersecurity risks.

A recent report issued by the Health Care Cyber Security Task Force includes a series of recommendations for improving cybersecurity in the healthcare industry. The task force expresses hope that the report will be used to galvanize both the public and private sectors “to comprehensively address cybersecurity challenges in order to protect patients.”

To that end, the report suggests that organizations may leverage the NIST Cybersecurity Framework as a tool to help understand, manage, and communicate their cybersecurity risks. It is worth noting, however, that while the NIST framework does offer a high-level description of standards and best practices to help organizations manage cybersecurity risks, it is not specific to the healthcare industry.

Another government entity—the Food and Drug Administration—provides industry-specific guidance for medical device risk management through its pre- and post-market guidance for management of medical device cybersecurity, which aligns with the NIST Cybersecurity Framework.

More specific to nursing home providers is a January 2017 memo issued by CMS’ Survey & Certification Group titled “Recommendations for Providers and Suppliers for Cyber Security.” The memo advises providers and suppliers to keep current with best practices for mitigating cybersecurity attacks and outlines the resources available to them, as follows:

  1. Facility leadership should review current policies and procedures to ensure adequate plans are in place in the event of an attack. For instance, most IT directors and policies within facilities require systems to be shut down and set specific timelines for notifying appropriate state and federal agencies and state health departments.

  2. Some providers have retrained staff to include use of non-electronic methods, such as written discharge instructions, care planning, and medical records. Some have even created preprinted discharge instructions based on common or recurring patient care, such as influenza and the common cold, with a blank area for additional information that can be handwritten by staff. Staff have also familiarized themselves with the paper medication administration record (MAR) process and the transmission of laboratory and radiology orders on paper-based requisition forms that are hand-delivered to departments for processing. Other providers have pre-programmed phone/fax numbers into the fax machine to avoid any delay in the event computer systems are inaccessible.

  3. Providers should consider making cybersecurity an element in the development of their emergency plans, risk assessments, and annual training exercises. “While not a requirement, facilities may consider adding cybersecurity protocols to their policies and procedures,” the memo states.

  4. Facilities are also encouraged to work with the chief nursing officer (CNO), risk manager, performance improvement director, IT director, and nursing directors, and/or anyone else the facility deems appropriate, in an effort to manage cyber attack mitigation practices.

Following are some resources that CMS recommends for nursing home providers:

  1. The Department of Homeland Security Cyber Resilience Review is a no-cost, voluntary, non-technical assessment to evaluate operational resilience and cybersecurity capabilities of an organization.

  2. Guidance for Industry: Cybersecurity for Networked Medical Devices Containing Off-the-Shelf Software

  3. Additional resources provided by the Office of the Assistant Secretary for Preparedness & Response Technical Resources, Assistance Center, and Information Exchange

The task force report also includes some interesting cybersecurity best practices from the financial and energy industries. The group heard from representatives of both fields and found some synergies and applications that could work for healthcare as well.
