New Survey Shows Many Providers Still Not Addressing Cybersecurity Risks
Question: What practices should every healthcare provider follow to protect against cyberattacks?
Answer: Cybercrime continues to make headlines across the country, as cyber criminals hack into healthcare databases. According to a recent survey by the Healthcare Information and Management Systems Society (“HIMSS”), the number one threat is ransomware attacks, where a healthcare database is hacked and its medical records held hostage until a ransom is paid. Ransomware attacks were cited most often (by 69% of respondents) as a significant threat to healthcare IT system security. Hackers are believed to seek patient information for one of two reasons. The most common reason to access patient medical records is to steal personal data to commit standard identity theft, such as gaining access to bank accounts and opening credit cards. Another form of identity theft, medical identity theft, is growing in popularity. Medical identity theft occurs when a patient’s identity is stolen and used by others to obtain healthcare in that patient’s name. In the age of electronic medical records, medical identity theft also carries the potential threat to the accuracy of the patient’s electronic clinical records, which could have a serious impact on the patient when he or she seeks care in the future. The survey notes that underfunding of health IT defenses has been a recurring theme in security surveys for years and this year’s HIMSS survey is no exception. About half of survey respondents (55%) cited lack of financial resources as a barrier to mitigating their cybersecurity risks. The study further revealed that a significant minority of security pros still report their systems are not encrypting patient data, a basic defense. Security experts all agree that cyberattacks on medical practices of all sizes will continue to increase in the face of many providers’ failure to prioritize the security of their electronic medical records.
Many members are rightly concerned about QPRS, Meaningful Use and now MACRA. However, much of what is being asked, goes back to the quality of our charts. For example, one of the “cross-cutting measures” that cross-cuts specialty lines, is the measure entitled “Closing the Referral Loop”. The practitioner must make sure that he or she actually receives the report from the provider to whom the patient was referred. Go further and be golden; in the body of your chart, state the main conclusions of the consultation report and if you agree or not. If you agree, how will that affect your treatment plan for this patient? If you do not agree with the consultant, state why not. - Larry Kobak DPM, JD
If you have any questions, please contact us at 1-800-445-0954 or via email at info@DrLaw.com
THE PHYSICIAN ADVOCACY PROGRAM ®
We wanted to bring you a step closer to total legal coverage. We thought you deserved more. Email us at info@ThePAP.com
for more details.
At Kern Augustine, P.C., we have been opposing the harassment of physicians for over thirty years. Day-in and day-out our team of highly skilled, nationally recognized attorneys battles federal and state regulators and third party payors who seek to punish, harass, investigate and/or prosecute physicians. We remain on the cutting edge of ever changing rules and regulations affecting health care practitioners and the intricacies of today’s health law.
Put Kern Augustine, P.C. on your side with the Physician Advocacy Program®
Kern Augustine, P.C., Attorneys to Health Professionals, DrLaw.com, is solely devoted to the representation of physicians and other health care professionals.