Skip to main content
Greenway Health
Main navigation
  • Solutions
      • Greenway Solutions
          • Solutions by Product
          • Electronic Health Records
          • Practice Management
          • Revenue Cycle Management
          • Telehealth
          • Patient Engagement
          • Analytics
          • Interoperability
          • Clearinghouse Services
          • Population Health
          • Care Coordination Services
          • Marketplace Partner Integrations
          • View All
      • Solutions
          • Solutions by Specialty
              • Cardiology
              • FQHC
              • OB-GYN
              • Orthopedics
              • Pediatrics
              • Primary Care
              • Surgery
              • Tribal Health
              • View All
      Past Webinar

      GRS Lunch & Learn series - Optimizing the front office for revenue cycle success

      Read More
      Greenway Blog

      What is revenue cycle management?

      View Details
  • Knowledge Center
      • Challenges
          • Patient Care
          • Profitability
          • Compliance and Reporting
          • Workflow Efficiencies
          • Data Security
          • Support and Training
          • MACRA: MIPS and APMs
          • Value-Based Care
          • View All
      • Knowledge Center
          • Resources by Type
              • Greenway Blog
              • Webinars
              • E-books
              • Case Studies
              • Infographics
              • Videos
              • View All
          • Resources by Topic
              • COVID-19
              • EHR/EMR
              • Telehealth
              • Patient Engagement
              • Population Health
              • Regulatory
              • Revenue Cycle Management
              • View All
      Past Webinar

      GRS Lunch & Learn series - Optimizing the front office for revenue cycle success

      Read More
      Greenway Blog

      What is revenue cycle management?

      View Details
  • About Us
      • About
          • News
          • Executive Leadership
          • Awards and Certifications
          • Award-Winning Customers
          • Greenway Champions
          • Community Involvement
          • Careers
  • COVID-19 Resources
Utility
  • Login
  • Support
  • Events
  • Contact
  • 877-932-6301

Free Consultation

greenway blog January 30, 2020

Essential data security questions to ask your IT vendor

The prominence of healthcare as a target for hackers and the increasingly steep price of a breach have made data protection a top priority for practices.

The average total cost of a data breach in healthcare was $6.45 million in 2019, or 65% higher than the average of all other industries, according to a study conducted by the Ponemon Institute.

If data is compromised, what tools do you have available? In addition, what’s the best way to manage other needs, such as storage and prescription transmission through an EHR platform?

“Having a vendor who can assist you and help mitigate those concerns is crucial,” said Matthew Adkins, Manager, Information Security with Greenway.

Cybersecurity questions for vendors. Illustration.

Building the foundation for cybersecurity

The first step is to ensure a strong foundation. Ask these cybersecurity questions for vendors to determine whether your needs align:

  1. Is the vendor insured? For how much?
    Understand their ability to cover potential damages.
  2. Is support in-house or outsourced?
    In-house support may provider better continuity, while outsourced support could lead to communication issues.
  3. Do they understand your business?
    You want a vendor that understands your business, how to remain compliant, and the challenges that come with it.

cybersecurity tools to protect against a data breach

When evaluating risk mitigation, ask your prospective IT vendor what tools they’ll use to assist with a potential breach. Here are some key questions to ask:

  1. What’s in their security toolbox?
    What tools are available to assist in dealing with a potential breach? The vendor may take preventative measures that stop a malicious attack from being executed or reactive measures that are part of a protocol following an attack.
  2. What security controls will they use to maintain and secure your environment?
    Find out how the vendor will secure your environment. How often will they review and test their software?
  3. If there is a security incident, what will be their role?
    Understanding the role your vendor will play in an incident will help you determine the extent to which you or anyone else will need to be involved.
“When you’re looking to select a particular vendor, knowing that they’ve been around and had experience with different platforms, with different business models, certainly is relevant and key.”
Matthew Adkins, Manager, Information Security with Greenway

Trusting your health data backups

Backups are building blocks for any response and recovery plan. A challenge with backups is they can distribute sensitive data through other systems, creating a new set of risks and concerns. Ask your vendor these questions about backups:

  1. Will they perform backups of all servers?
    Consider what’s being backed up — just the application data or the entire server. Also, find out if the backups will be encrypted. If so, who has the keys? Make sure you won’t lock yourself out.
  2. What is the backup schedule?
    Going how far back will you be able to restore data? Minutes, days, weeks? This will help you understand how often you should back up data.
  3. Are the backups tested regularly?
    The most critical aspect of a backup strategy is testing and executing regular tests of the system.

On premise or the cloud?

Do you prefer your system to reside locally or on the cloud, and why? With a cloud-hosted solution, you can hand off the risk to another entity that can also maintain the system, monitor recovery, and take on other responsibilities.

To learn more about Greenway’s cloud offerings, click here.

Other cybersecurity considerations

When you select a vendor, consider the risks of a situation as simple as the receptionist’s workstation not functioning. How will that affect check-ins, collections, and other daily operations? Also consider the bigger picture. How is the organization likely to respond in a high-stakes situation such as a breach?

Find out how long the vendor has been in business. That goes for the organization itself as well as the tenure of its engineers and other staff members.

“When you’re looking to select a particular vendor, knowing that they’ve been around and had experience with different platforms, with different business models, certainly is relevant and key when making that selection,” Matthew said.

To hear more of Matthew’s cybersecurity questions for vendors, click here for our cybersecurity webinar.

For more information, CLICK HERE to schedule a conversation with a Greenway representative. Or watch our 3-minute overview video HERE.

Related Solutions

Electronic Health Records (EHR)

Solutions designed for medical practices like yours.

Learn More

Medical Practice Management Software

Customizable, forward-thinking technology to drive success.

Learn More

Professional Services and Customer Success

Quality training, support, and guidance … all based in the U.S.

Learn More

Additional Resources

COVID-19 and healthcare cybersecurity. Illustration.
Past Webinar

COVID-19 and healthcare cybersecurity: What practices need to know

Read More
Patient data, HIPAA, and cybersecurity considerations during COVID-19. Illustration.
Greenway Blog

COVID-19 and healthcare cybersecurity: How to protect patient data

Read More
""
Greenway Blog

New resources to help you report for 2019

Read More
""
Greenway Blog

Avoid a hack attack! How to prevent security breaches in healthcare

Read More
Visit our Knowledge Center

Social

  • Facebook
  • Twitter
  • Linkedin
  • Instagram
  • YouTube
Footer menu
  • Term of Use
  • Privacy Statement
  • Compliance
  • Careers
© 2021 All rights reserved. Greenway Health, LLC

Stay informed with Greenway Health’s latest news

Subscribe