Cybersecurity- to deliver appropriate, high-quality care to patients
- As end users in the healthcare organization, can have the greatest impact on improving the security posture of an organization by practicing good cyber hygiene. Because the top security threat for many healthcare organizations is its end users, and the security problems most often arise when good security takes a backseat to convenience.
- The safest location to store password : on a piece of paper in a locked drawer; and when creating passwords for multiple accounts, the best strategy is to use different, arbitrary combinations for each. The strongest passwords include arbitrary combinations of letters, numbers, and symbols
- Social media postings can pose a threat to cybersecurity because answers to password reset security questions can be found.
- An organization’s website may be “scraped” to derive a customized wordlist that enables a cyber-attacker to guess or crack end users’ passwords.
- Before downloading software/tools from the internet, it is very important to always first check with the IT department.
- The most immediate risk involved with clicking on an unexpected or unusual link or attachment in an e-mail is that it may download a malware infection. — In fact, many phishing emails contain malicious links or attachments infected with ransomware. But email isn’t the only way ransomware is spread; simply accessing a legitimate website infected with ransonware may lead to infection.
- In the absence of any immediate cyber-attack threat, the best time for end users to install available system updates is as soon as possible
- When publishing a paper or giving a presentation with personally identifiable information and/or protected health information, one should be sure to ensure blacked out information can’t be reconstituted.
- Good cyber hygiene includes clearing your web browser’s cache.
- Some cyber-attacks can be prevented (blocked), however, with constantly evolving hacking techniques, we can’t prevent everything.
- Best practice tips in case of a suspected or actual security incident:
- See something, say something — Report the incident immediately to your IT department and your supervisor.
- Document that happended –Who? What? Where? When? Why? Document what’s happened and always follow your organization’s policies. By doing this, employees can help enable an organization to assess a potential breach, prioritize the incident, determine the root cause, and remediate and/or resolve the situation.
- Get the right people involved
- Follow guidance and instructions, with no workarounds
- Encourage information sharing
Resources retrieved from Kim, L (2018) Cybersecurity matters: How to safeguard patient and other sensitive data. www.NursingManagement.com