After a cyber attack paralyzed Britain’s public healthcare system, Virginia’s Hospital and Healthcare Association rushed to assure patients that their information is safe. Sandy Hausman reports on nearly two dozen recommendations designed to prevent hackers from getting into medical information systems here.
For months, IT officers from hospitals around the state had been meeting to draft guidelines that could protect essential medical information from the prying eyes of hackers. This spring, they released their advice, stressing the importance of training employees on a regular basis. Julian Walker speaks for the Virginia Hospital and Healthcare Association. He says staffers already get instructions and advice at many medical centers.
“They are advised about different scams, tactics, techniques, tell-tale signs, giveaways that someone might be trying to use, say a phishing e-mail, for example, to try to penetrate a system,” Walker explains.
In addition, he says, hospitals should be doing automated scanning of computer systems for viruses or malware and backing things up on a regular basis.
“At offsite locations, so that in the event of a penetration the system has an uncorrupted back-up of all that information to default to,” he says.
Walker admits no system is perfect, but the association hopes these guidelines, shared with more than 100 hospitals and 30 health systems, will protect the organizations and the patients they serve.