Phishing a Real Threat to Healthcare, No Fooling
So, no fooling—it's time to make sure that your organization, and those of your business associates—are practicing "safe email."
Increasingly, we will see insidiously intelligent attacks on healthcare. Bad guys can guess at org charts for most healthcare organizations by searching for companies and job titles on LinkedIn. Other baddies masquerade as a company's IT support department, offering bogus expanded mailboxes or benefits enrollments—anything to get you to click.
Time and again, the technology industry has assured us that communications would be secure one day. Up to this point, the best the industry's been able to do is to direct us to secure Web portals. Meanwhile, the everyday email we use remains unsigned, unauthenticated, unencrypted, and open to the same sorts of phishing attacks effective during the better part of the past 20 years.
So, what can be done? In the past year, the Domain-based Message Authentication, Reporting and Conformance specification has become a force for positive change in the phishing war. DMARC lets senders and recipients exchange email authentication between themselves.
If your healthcare organization sends any email, or contracts with an organization that sends email in your name, and you haven't implemented the DMARC standards yet, there's a free set of training videos available. It's one of the best ways to immediately step up your response to the new HIPAA regulations.
Now let me scare you a little bit. Facebook is in the process of gradually rolling out a new form of search known as Graph Search. While there may be good reasons for Facebook to expand the search capabilities of that system, according to industry experts, Graph Search will be "a phisher's best friend."
- CVS Ramps Up Retail Clinics with Provider Affiliations
- 4 Tectonic Shifts Shaking Up Healthcare
- Contradictory Obamacare Rulings Issued by Appellate Courts
- Drug Pricing 'Tantamount to Greed,' Lawmaker Says
- Study Puts Spotlight on Preventing Fall-Related Injuries
- As HIPAA Breaches Accelerate, Tools Lag
- Wanted: Nurse PhDs
- Roundtable: Life After a Healthcare Organization Acquisition
- The Infection-Busting Treatment Payers Don’t Want to Talk About
- Medical Errors Third Leading Cause of Death, Senators Told