Skip to main content
Greenway Health
Main navigation
  • Solutions
      • Greenway Solutions
          • Solutions by Product
          • NEW! Medical Coding
          • Cloud Bundle
          • Electronic Health Records
          • Practice Management
          • Revenue Cycle Management
          • Telehealth
          • Patient Engagement
          • Analytics
          • Interoperability
          • Clearinghouse Services
          • Care Coordination Services
          • Marketplace Partner Integrations
          • View All
      • Solutions
          • Solutions by Specialty
              • Cardiology
              • FQHC
              • OB-GYN
              • Orthopedics
              • Pediatrics
              • Primary Care
              • Surgery
              • Tribal Health
              • View All
      Past Webinar

      Breaking down the 21st Century Cures Act — what it means for your practice

      Read More
      Greenway Blog

      Pitfalls to avoid when choosing an EHR partner

      View Details
  • Knowledge Center
      • Challenges
          • Data Security
          • Compliance and Reporting
          • Patient Care
          • Workflow Efficiencies
          • Profitability
          • Support and Training
          • MACRA: MIPS and APMs
          • Value-Based Care
          • View All
      • Knowledge Center
          • Resources by Type
              • Greenway Blog
              • Webinars
              • E-books
              • Case Studies
              • Infographics
              • Videos
              • View All
          • Resources by Topic
              • 21st Century Cures Act
              • Cybersecurity
              • EHR/EMR
              • Telehealth
              • Patient Engagement
              • Population Health
              • Regulatory
              • Revenue Cycle Management
              • View All
      Past Webinar

      Breaking down the 21st Century Cures Act — what it means for your practice

      Read More
      Greenway Blog

      Pitfalls to avoid when choosing an EHR partner

      View Details
  • About Us
      • About
          • News
          • Events
          • Executive Leadership
          • Awards and Certifications
          • Award-Winning Clients
          • Greenway Champions
          • Greenway Engagement Model
          • Community Involvement
          • Careers
  • Cures Act Resources
Utility
  • Login
  • Support
  • Events
  • Careers
  • Contact
  • 877-932-6301

Free Consultation

greenway blog

Pipeline hack drives home importance of cybersecurity planning in healthcare

Cybersecurity planning
Cybersecurity planning

The prominence of healthcare as a target for hackers and the increasingly steep price of a breach have made cybersecurity planning a top priority.

More recently, news that Colonial Pipeline Co. paid hackers a ransom of nearly $5 million has led organizations to revisit their cybersecurity strategies.

Protecting patient data is especially critical in healthcare, where the average total cost of a data breach climbed to $7.13 million in 2020, a 10.5% increase over the year before, according to the 2020 Cost of a Data Breach Report by Ponemon Institute/IBM.

Cybersecurity planning in healthcare

Healthcare was the industry with the highest average data breach cost — for the tenth year in a row.

If data is compromised, what tools does your practice have available? What’s the best way to manage other cybersecurity planning needs, such as storage and prescription transmission through an EHR platform?

"Finding ways to outsource security to the experts is key to being able to keep up,” said Ethan Bing, Practice Administrator with Medical Colleagues of Texas. “I think that's why our partnership with using Greenway Secure Cloud for Intergy has been so important.”

Building the foundation for healthcare data security

The first step is to ensure a strong foundation. Ask vendors these cybersecurity questions to determine whether your data security needs align:

  1. Is the vendor insured? For how much? Understand the vendor’s ability to cover potential damages.
  2. Is support in-house or outsourced? In-house support may provide better continuity, while outsourced support could lead to communication issues.
  3. Does the vendor understand your business? You want to partner with a cybersecurity expert that understands your business, how to remain compliant, and the challenges that come with the territory.

Healthcare information security tools to protect against a data breach

When evaluating risk mitigation, ask your prospective IT vendor what tools it will use to deal with a data breach. Here are some key questions to ask:

  1. What’s in the vendor’s security toolbox? What security measures are available to assist in the event of a potential breach? The vendor may take preventative measures that stop a malicious attack from being executed or reactive measures as part of a protocol following an attack.
  2. What security controls will the vendor use to maintain and secure your environment? Find out how the vendor will secure your environment. How often will it review and test its software?
  3. If there is a security incident, what will be the vendor’s role? Understanding the role your vendor will play in an incident will help you determine the extent to which you or anyone else will need to be involved.
“Cyberattacks will continue, but security consultants and trusted vendors can help evaluate your practice’s security risk and provide recommendations for improving your company’s defense.”
Brian Bobo, Greenway Chief Information and Security Officer

Trusting your healthcare data backups

Backups are building blocks for any security response and recovery plan. A challenge with backups is they can distribute sensitive data, including patient information, through other systems, creating a new set of risks and concerns. Ask your vendor these questions about backups:

  1. Will the vendor perform backups of all servers? Consider what’s being backed up — just the application data or the entire server. Also, find out if the backups will be encrypted. If so, who has the keys? Make sure you won’t lock yourself out.
  2. What is the backup schedule? How far back will you be able to restore data? Minutes, days, weeks? The answer will help you understand how often you should back up data.
  3. Are the backups tested regularly? The most critical aspect of a backup strategy is testing and executing regular tests of the system.
""

Protecting patient data: On premise or the cloud?

Do you prefer your system to reside locally or on the cloud, and why? With a cloud-based EHR solution, you can hand off the risk to another entity that can also maintain the system, monitor recovery, and take on additional data security responsibilities.

Learn more: Greenway Secure Cloud.

Other cybersecurity planning considerations

When you select a vendor, consider the risks of a situation as simple as the receptionist’s workstation not functioning. How will that affect check-ins, collections, and other daily operations? Also consider the bigger picture. How is the organization likely to respond in a high-stakes healthcare data security situation such as a breach?

Find out how long the vendor has been in business. That goes for the organization itself, as well as the tenure of its engineers and other staff members.

Learn more: How Greenway’s data security tools can strengthen your cybersecurity planning.

For more information, CLICK HERE to schedule a conversation with a Greenway representative. Or watch our 3-minute overview video HERE.

Free Consultation

Related Solutions

Electronic Health Records (EHR)

Solutions designed for medical practices like yours.

Learn More

Medical Practice Management Software

Customizable, forward-thinking technology to drive success.

Learn More

Interoperability

Data connections that improve visibility across the range of care.

Learn More

Additional Resources

Securing patient data best practices
E-book

Best practices for securing patient data and steps you can take today

Read More
Top 4 healthcare cybersecurity trends
Greenway Blog

Cyberattacks: Top 4 healthcare security trends

Read More
cms emergency preparedness
Greenway Blog

Disaster planning for healthcare — 4 core CMS elements and more

Read More
avoid data breaches
Greenway Blog

Avoid a hack attack! How to prevent security breaches in healthcare

Read More
Visit our Knowledge Center

Social

  • Facebook
  • Twitter
  • Linkedin
  • Instagram
  • YouTube
Footer menu
  • Term of Use
  • Privacy Statement
  • Your California Privacy Choices
  • Compliance
  • Careers
© 2023 All rights reserved. Greenway Health, LLC

Stay informed with Greenway Health’s latest news

Subscribe