PHI Security – Is your E-mail System Secure?
PHI Security – Is your E-mail System Secure?
Recently in the HIMSS magazine Healthcare IT News reported over 600 patients at the University of California, San Francisco had to be notified of a possible data breach that occurred when a hacker obtained e-mails containing their personal information. Each of our clients sites have e-mail systems of various versions and configuration.
We have all seen the fake requests to update our financial information from banks and credit unions, this attack is especially concerning when it appeared to come from your own company. The breach was created when a faculty physician in the School of Medicine fell prey to a phishing scam. The physician unknowingly provided the user name and password for his/her e-mail account in response to an e-mail message that appeared to come from the university's internal computer servers.
These types of attacks are becoming increasingly difficult to defend against. Educating our hospital and IT staff can help, preventing phishing from reaching our networks in the first place is the ultimate goal. How is your site addressing e-mail security? What tools has your site deployed to ensure your staff is protected from these types of attacks?
Protected data like patient health information can be at risk without proper infrastructure and policies.
Recently in the HIMSS magazine Healthcare IT News reported over 600 patients at the University of California, San Francisco had to be notified of a possible data breach that occurred when a hacker obtained e-mails containing their personal information. Each of our clients sites have e-mail systems of various versions and configuration.
We have all seen the fake requests to update our financial information from banks and credit unions, this attack is especially concerning when it appeared to come from your own company. The breach was created when a faculty physician in the School of Medicine fell prey to a phishing scam. The physician unknowingly provided the user name and password for his/her e-mail account in response to an e-mail message that appeared to come from the university's internal computer servers.
These types of attacks are becoming increasingly difficult to defend against. Educating our hospital and IT staff can help, preventing phishing from reaching our networks in the first place is the ultimate goal. How is your site addressing e-mail security? What tools has your site deployed to ensure your staff is protected from these types of attacks?
Protected data like patient health information can be at risk without proper infrastructure and policies.
Comments