Beware: Ransomware Attacks are on the Rise and the Importance of ISO 27001
It has now been revealed that the cyberattack on the 10-hospital MedStar Health System in the Baltimore-Washington area was in fact a ransomware attack. With all the other concerns that patient care organizations are facing, this new trend just adds an additional layer of challenges. What can healthcare leaders do to address this frightening new trend?
Securely sharing information across the care delivery enterprise should be the utmost concern for healthcare IT companies and healthcare providers. Whether you are talking about an enterprise electronic health record (EHR) or an enterprise-wide platform for sharing provider information, those technologies should be free from security gaps that allow cyber attackers access to the healthcare organization’s IT infrastructure.
Security lapses have allowed hackers to “kidnap” some healthcare organizations’ IT data and hold it for ransom until payment has been made, bringing the organizations’ workflows to their knees. Two things can prevent these attacks; the first is a thorough security audit of all IT systems being used within an organization. The second is implementing IT solutions that come pre-designed with extraordinary security measures built into them. The defining indicator of data security is compliance with ISO 27001. ISO 27001 is the only auditable international standard that defines the requirements to effectively manage and measure an information security management system (ISMS).
Phynd Technologies offers an ISO 27001 ready, secure private connection to the Unified Provider Management (UPM) platform. For those not familiar with ISO 27001, it is a holistic approach to security that covers the whole organization, not just IT, and encompasses people, processes, and technology. This enables employees to readily understand information security risks and to embrace security controls as part of their everyday working practices.
Phynd enables healthcare organizations to securely unify, manage, customize, and share mission-critical provider information across their core IT systems to improve financial results, clinical outcomes, and compliance. The UPM is a comprehensive data management solution that was designed from the ground up to securely gather, validate, and integrate the latest provider information from multiple sources (external and internal) and then provide workflow tools to manage and securely share that information within and across all IT applications. Hospitals across the nation are using the UPM platform to securely manage a single, verified source of provider data that is sharable throughout the enterprise.