Phishing a Real Threat to Healthcare, No Fooling
Much is written about the data breaches that occur when someone's laptop is lost or stolen. The HIPAA wake-up-call no doubt will cause many of those laptops to finally be encrypted and outfitted with data-loss prevention technology.
Unlike some other occurrences of malware, phishing isn't going away. Instead, we can expect to be continually challenged by bad actors trying to hoodwink the healthcare system out of protected health information (PHI).
How can it happen? Let me count the ways: It might be a classic scam, like five years ago this month, when thousands of CEOs fell victim to a fake subpoena. Or the annual phony emails claiming to be from the IRS that pop up every year around this time. Fake package delivery emails with links to who-knows-where remain a popular vehicle. So do emails about current events.
Or it might be one of the newer scams making the rounds these days, like this one described by a security expert I spoke with recently: It comes in the form of a one-line email message from someone you trust. "There's not enough information for me to make a decision, so I'll click on it," the expert says. The attacker may have pulled your name from your social network, or may have even found and spoofed your email address. But don't click on that email link.
Too many of the bad links in emails lead will immediately load rootkits into PCs, and at that point, unless your anti-malware protection is on top of its game, a data breach has occurred. With the new HIPAA regulations, you can't assume a breach hasn't occurred just because nothing else appears to be amiss. You'll soon be up on the public HIPAA breach Web site and headed for some stiff fines.
- CFO Exchange: Smartphones Poised to Disrupt Healthcare, Says Topol
- How Digital Strategy Shapes Patient Engagement at Boston Children's Hospital
- CNO on Hospital Redesign: 'You Can't Over-Communicate'
- Half of All Primary Care, Internal Medicine Jobs Unfilled in 2013
- Consumerism Drives Healthcare Branding, Rebranding Efforts
- PA Ranks See 'Phenomenal Growth,' Lack of Diversity
- Carondelet to Pay $35M to Settle Fraud Allegations
- 3 Traits Personality Assessments Can't Reveal
- Some Cancer Hospitals' Quality Data Will Soon Be Public
- CA Powers Up $80M HIE to 'Create Value in the Data'