Using fear to teach cybersecurity
Briefings on Accreditation and Quality, February 1, 2018
This is an excerpt from a member only article. To read the article in its entirety, please login or subscribe to Briefings on Accreditation and Quality.
Hospitals should test staff’s cybersecurity chops by sending them spam emails and seeing who clicks
“Hey it’s Phil, we’re having a problem processing your paycheck. I need you to fill out this form ASAP.”
“Critical Microsoft update, please back up your system now.”
“We’ve detected suspicious activity on your Facebook account and you need to verify your account now before it’s permanently deleted.”
While all the links in these examples are harmless, the ones in real life can be nasty. In 2017, 46% of healthcare cybersecurity breaches were due to “inadvertent actions” by healthcare workers. In other words, someone clicked on a suspicious email or website and infected their hospital system.
Phishing emails and their viruses are used to obtain credit card numbers, usernames, passwords, and (in the case of hospitals) patient records and data. The spread of WannaCry ransomware in 2017 (which hobbled one-fifth of the United Kingdom’s National Health Service) was largely attributed to phishing emails.
This is an excerpt from a member only article. To read the article in its entirety, please login or subscribe to Briefings on Accreditation and Quality.
Related Products
Most Popular
- Articles
-
- Don't forget the three checks in medication administration
- Note similarities and differences between HCPCS, CPT® codes
- Complications from immobility by body system
- OB services: Coding inside and outside of the package
- Q&A: Primary, principal, and secondary diagnoses
- The consequences of an incomplete medical record
- Differentiate between types of wound debridement
- Nursing responsibilities for managing pain
- Practice the six rights of medication administration
- ICD-10-CM coma, stroke codes require more specific documentation
- E-mailed
-
- Correctly bill ancillary bedside procedures in addition to the room rate
- Q&A: Utilization Review Committee Membership
- Q&A: Bill blood administration the same way for inpatient and outpatient accounts
- Q&A: A second look at encephalopathy as integral to seizures/CVA
- Performing a SWOT analysis
- OB services: Coding inside and outside of the package
- Know the medical gas cylinder storage requirements
- Intravenous therapy guidelines
- Coding, billing, and documentation tips for teaching physicians, interns, residents, and students
- Coding tip: Watch for different codes for SI joint injections
- Searched