Phishing a Real Threat to Healthcare, No Fooling
So, no fooling—it's time to make sure that your organization, and those of your business associates—are practicing "safe email."
Increasingly, we will see insidiously intelligent attacks on healthcare. Bad guys can guess at org charts for most healthcare organizations by searching for companies and job titles on LinkedIn. Other baddies masquerade as a company's IT support department, offering bogus expanded mailboxes or benefits enrollments—anything to get you to click.
Time and again, the technology industry has assured us that communications would be secure one day. Up to this point, the best the industry's been able to do is to direct us to secure Web portals. Meanwhile, the everyday email we use remains unsigned, unauthenticated, unencrypted, and open to the same sorts of phishing attacks effective during the better part of the past 20 years.
So, what can be done? In the past year, the Domain-based Message Authentication, Reporting and Conformance specification has become a force for positive change in the phishing war. DMARC lets senders and recipients exchange email authentication between themselves.
If your healthcare organization sends any email, or contracts with an organization that sends email in your name, and you haven't implemented the DMARC standards yet, there's a free set of training videos available. It's one of the best ways to immediately step up your response to the new HIPAA regulations.
Now let me scare you a little bit. Facebook is in the process of gradually rolling out a new form of search known as Graph Search. While there may be good reasons for Facebook to expand the search capabilities of that system, according to industry experts, Graph Search will be "a phisher's best friend."
- CEO Exchange: Preparing for Population Health
- Advocate, NorthShore Deal Would Create 16-Hospital System
- 3 Strategies for Retaining Millennial Employees
- Power of price: In South FL and the nation, healthcare costs often are shrouded in secrecy
- Top Reason for Nurse Turnover: Managers
- CEO Exchange: Pressure is On to Partner, Drive Quality
- Hospital mergers may lead to higher prices
- Better HCAHPS Scores Protect Revenue
- Healthcare data of 1 million NJ patients compromised since 2009