Protect ePHI from cyber attacks per CMS Emergency Preparedness ruling!

The Black Hole that hackers hate – but firewalls love.

According to ABC News, Healthcare is the number one most targeted industry by cyber-attacks. Wanna Cry is the ransom ware of yesterday but did shut down 65 hospitals in the U.K. and was a global attack. Petya is the ransom ware of today. Hollywood Presbyterian was attacked in January 2017. Cyber-attacks has become a routine part of the news. On June 28th, ABC News Night line had a news story showing the first ever simulated cyber-attack drill in a hospital during a surgery. We are no longer just drilling for fire and disaster but we are now having cyber-attack drills. Any device that is plugged in such as an MRI, medication delivery, and ventilators in a surgery room, can be hacked. During a simulated “drill”, the surgeons were looking at  false readings on the equipment during surgery.  As a result, the patient was receiving incorrect treatment and in fact, were overdosing on medications. This is could be fatal.

The American healthcare system is declared in “critical condition”.

Basically, any device that is plugged in can be hacked. Hackers can also control any device in the human body such as pace makers. It only makes sense that the healthcare industry has been declared in “critical condition”. When ABC News interviewed cyber security experts, the experts  stated the reason healthcare has become the #1 target is that we are an easy target. The reason that we are an easy target is because our hardware systems are outdated, we don’t have appropriate security and many healthcare institutions don’t have any security at all.

The American Health Care Systems is the #1 most targeted industry.

Over the last 10 years, we have literally been creating portals and networks across the very broad spectrum of levels of care to improve overall resident care. The umbrella idea is ACO’s. It took a while to get on board but hospitals, SNF’s and other levels of care have all joined forces including, sharing digital records. The negative side of this is that now a hacker can go through any door and have access to the entire network. In SNF’s, we share records with hospitals, vendors, etc. Most hospitals have created portals between themselves and SNF’s for more efficient discharges and admissions into SNF’s. But now we have to think about what happens when the hospitals  are breached and how that will place us at risk of being breached if we don’t have systems in place. We have to update our hardware systems. When the Federal register was trying to figure out how to write the laws for facilities to protect PHI, it basically said that an institution can’t say that they use encryption software because that’s just “code” and all code can be broken. We had to come up with something hacker proof and encryption is not it. So, in today’s world, you need hardware and a service behind the hardware. This is an active and ongoing need.

The most breached industry is the American Health Care System.

This is why HHS have factored in strict protocol when there is a breach. You can also go to HHS and see a list of the health care institutions where PHI was breached from their system. When a breach occurs of over 500 residents, the facility must report to the HHS secretary, the affected individuals and a prominent media outlet within 60 days of the breach. You are required to provide  all of the details of exactly what was breached. If you look on the HHS website at the list of breaches, it’s called the “Wall of Shame”, you will notice that many breaches are theft where a device was stolen from a car and cyber-attacks. But you are going to see cyber-attacks increase dramatically.

American Health Care systems are outdated and an easy target says cyber security experts.

I would encourage you to watch the ABC news episode that I’m referring to in the link below. I would also go to the HHS website and look at the very long list of institutions that have had a breach, what was the breach and the fine. Additionally, I would tell my IT guy to call Oasis and talk to them about The Titan Black Hole Technology. If you don’t have the Titan, then you don’t have anything else like it. Titan technology is patented so no one else has it. Titan has several patents. They even have a “poison pill” built in the system so that if you go to tamper with the box to find the technology, it will destroy itself.  Try the TITAN in one of your buildings. The cost is very affordable.

Oasis Technology, who created and built the Titan, told me that hackers were constantly trying to get into even personal devices. I didn’t believe them and then they did a test on my personal computer and I couldn’t believe how many hackers were constantly trying to get into my personal information. Oasis gave me a list of IP address that the hackers were working from. I was shocked! So where there is a device, there is a hacker. Our U.S. election was hacked by Russia! What else do we need to believe.

I know what a day is like as an Administrator and honestly, I can’t imagine throwing in a PHI breach. For information on the TITAN, The Black Hole Technology, call Oasis Technology at 805-445-4833. I strongly encourage you to click on the links below.