Healthcare Cybersecurity: Risks and Solutions

May 14, 2021
Managing Healthcare Practice Operations during COVID-19
Debbie Kane Hill, MBA, RN, Senior Patient Safety Risk Manager
As COVID-19 cases continue to rise and fall across all regions of the United States, practices must adapt and adjust their operations according to regional mandates, which can transition overnight with the shifting environment. For areas where there is a resurgence of the virus or as new strains of the virus emerge, you will need to be attentive to newly imposed restrictions. If disease transmission slows further, authorities may lift additional restrictions.

Professional Education
Pain Management - A Closed Claim Analysis Looking at Risks and Lessons Learned
For the first time, The Doctors Company has published an analysis of lawsuits and claims filed against pain management physicians. This study completed in 2020 provides quantitative and qualitative information that a physician who practices pain management, including interventional approaches to treatment would find useful in mitigating the risks of unintended outcomes or harms. This study breaks down where most patient injuries occur, what those injuries are, and the lessons learned from those claims.
1.3 credits

Mar 03, 2021
Healthcare Cybersecurity During COVID-19 and Beyond: How to Protect Your Practice
Kevin Casey, JD, CIPP/US, Assistant Vice President Claims, TDC Specialty Underwriters, Part of the TDC Group
Throughout the pandemic, cybercriminals have found additional opportunities to target the healthcare industry. Recent developments in ransomware sophistication and tactics are cause for added concern.
From The Doctor’s Advocate

Professional Education
HIPAA Fundamentals: 2021 Edition
This on-demand program provides an orientation to the basic requirements of the Health Insurance Portability and Accountability Act (HIPAA). HIPAA gives patients many rights with respect to their health information.
1.0 credit

Professional Education
HIPAA for Managers: The High-Level View
The program explores and defines HIPAA policies and procedures, business associate agreements, security assessment and analysis, training requirements, HIPAA compliance requirements, breach events, and informed consent.
1.0 credit

Nov 23, 2020
Ransomware Attacks Against Healthcare Providers Are on the Rise
By Kevin Casey, JD, CIPP/US, Assistant Vice President Claims, TDC Specialty Underwriters
The proliferation of simple-to-use “ransomware-as-a-service” kits is partially to blame for the rise in attacks. Less technically skilled attackers are provided with free and easy-to-use tools and agree to share a portion of the ransom payment with the ransomware developer. These trends are of particular concern to the healthcare industry, as it is one of the most targeted sectors by cybercriminals. Small to midsized healthcare entities are inviting targets, because they often lack the cybersecurity sophistication to respond to attacks and are known to store, transmit, and process monetizable data.

Professional Education
Medical Error Prevention
The purpose of this monograph and continuing medical education activity is to provide physicians with the most current information regarding the prevention of common performance and diagnostic errors.
2.0 credits

Oct 20, 2020
Cybersecurity Insurance for Medical Practices—The Basics
Rachel Patrizzo, VP, Cyber, TDC Specialty Underwriters
More medical practices are purchasing an insurance policy to cover the substantial costs of a data breach. Here is an overview of what your practice can expect from a cybersecurity policy.

Professional Education
Safe and Effective Opioid Prescribing – Florida Edition
The Doctors Company recognizes the opioid epidemic in this country. This course provides insights into the risks of opioid usage, as shown by malpractice claims, and how to reduce those risks both for your patient and for your practice. Approved by the Florida Board of Medicine—Controlled Substance Prescribing.
2.0 credits

Sep 02, 2020
Remote Patient Monitoring
Sue Boisvert, BSN, MHSA, Patient Safety Risk Manager II
The adoption of telehealth strategies has soared, including the use of remote devices that collect data and send it to the patient’s doctor in real time. Although remote monitoring has advantages for both providers and patients, it entails cyber liability risks.

Aug 04, 2020
Your Patient Is Logging On Now: The Risks and Benefits of Telehealth in the Future of Healthcare
Due to COVID-19, sweeping benefits from telehealth are still emerging—and so are its risks. Reduced infection risk and increased access to care are possible with recognition that telemedicine is not a panacea: Telemedicine is a helpful adjunct to in-person care, when supported by best known practices.

Professional Education
Physician-Patient Relationship: When Does it Begin and When Does it End?
This enduring program will assist the participant in understanding the principles which form the establishment of a physician-patient relationship, as well as the concerns which may result in the need for the physician to consider terminating the physician-patient relationship. Additionally, the concepts of providing patient centered care will be presented for the learner’s consideration.
1.0 credit

Apr 24, 2020
Wearables Offer Wealth of Data During COVID-19, but Liability Risks Remain
John P. Erwin, III, MD, FACC, and Debra Davidson, MJ, ARM, CPHRM
The pressure that COVID-19 has placed on physicians, practices, and hospital systems to ramp up remote monitoring will no doubt accelerate the adoption of wearables into healthcare after this crisis passes. But at the same time, using data from wearables, especially those designed for consumer use rather than formal clinical monitoring, may bring liability risks.

Apr 09, 2020
Exclusively for Member Practices: Risk Management Fundamentals for the Practice Manager
Our complimentary program is exclusive to all member practice managers, both clinical and nonclinical, who are new to the role or seek further education regarding the application of risk management and patient safety measures (or principles) in an office-based medical or dental practice.

Video Dec 16, 2019
Artificial Intelligence in Healthcare: Benefits and Risks
A third of U.S. physicians are already using artificial intelligence (AI) in their practices, and many believe there is ample reason to think this advanced technology can help address diagnostic errors—the largest cause of malpractice claims. However, there are still unresolved questions about the risks.

Oct 31, 2019
The Algorithm Will See You Now: How AI’s Healthcare Potential Outweighs Its Risk
A third of U.S. physicians are already using artificial intelligence (AI) in their practices, and many believe there is ample reason to think this advanced technology can help address diagnostic errors—the largest cause of malpractice claims. However, there are still unresolved questions about the risks.

Feb 08, 2019
Cybersecurity and Data Breaches Report
It’s not a matter of if a data breach will occur in your medical practice—it’s a matter of when. Make sure your practice is prepared with this guide, which covers how to comply with HIPAA rules in the event of a breach, how to thwart ransomware attacks, how to combat password theft, and more.

Jun 12, 2018
Digital Medicine and the Future of Healthcare
The digitization of medicine is transforming the entire healthcare system—new technologies like mobile apps and wearables bring both benefits and risks, patient access to healthcare is evolving, EHRs have created new patient safety risks, and artificial intelligence is evolving to play a role in future patient care.

Video Oct 13, 2017
Case Studies: Healthcare Data Breach Risks
The healthcare industry suffers more data breaches than any other business segment—a total of 51 percent of all breaches. This video presents an overview of the cybersecurity threats facing healthcare organizations and what they can do to mitigate their risk.

Video Feb 07, 2017
Could Hackers Threaten the Future of Medical Devices?
Pacemakers, insulin pumps, and other medical devices communicate to a network via the Internet. As a result, hackers have the capacity to harm an individual by compromising those devices—for example, stopping a pacemaker or turning off an insulin pump.

Video Feb 07, 2017
3 Steps for Ransomware Defense
While no environment is completely secure from cyberattack, a healthcare organization can take steps to reduce the likelihood that it will suffer the consequences of ransomware.

Video Feb 07, 2017
Paying Cyber Ransom: Pros and Cons
If ransomware strikes a healthcare organization, the cybercriminals behind the attack will demand a payment in exchange for restored access to the organization’s data. Typically the demand is for bitcoin equivalent to less than $10,000. Paying the ransom may be an attractive option if a healthcare organization’s entire network has been compromised and no reliable backup exists. However, there are several compelling arguments against paying.

Video Feb 07, 2017
Ransomware Threatens Patient Care
Cybercriminals typically target healthcare organizations using malicious software, or malware. Most malware is programmed to steal data and take it outside of the network. But cybercriminals today are often choosing a different form of attack: ransomware. A ransomware attack uses encryption to prevent the healthcare organization from accessing its PHI. This puts the healthcare organization in a serious crisis, as PHI is critical to providing care to patients.

Video Feb 07, 2017
Patient Data Trafficked on the Dark Web
Cyberattacks in the healthcare industry have proliferated for two main reasons. One, cybercriminals can sell PHI at a high price on the dark web (the online market where stolen data is bought and sold). Two, healthcare organizations are vulnerable to cyberattacks because they lack the defenses of banks and other financial institutions. Particularly attractive to cybercriminals are midsized healthcare organizations, which in general are underprepared to counter this threat.

Video Feb 07, 2017
Ransomware: Do's and Don'ts
Panic is the typical reaction when a healthcare organization suffers a ransomware attack. If an organization lacks a thought-out response plan for this type of crisis, people tend to overreact. They may do things that will make it harder to recover from the attack and could increase future liability. But an organization can avoid panic by having an incident response plan in place. This plan should provide a framework of actionable steps, including what to do, who is going to do it, and what is going to happen as a result.

Video Feb 07, 2017
Why Cybercriminals Prefer Bitcoin
Currency is a means of exchange typically sanctioned by a central body like a government or central bank. Bitcoin, however, is a decentralized digital currency based on a public ledger secured by cryptography. As a result, bitcoin transactions are largely irreversible and untraceable. This makes bitcoin and other digital currencies attractive to cybercriminals. They give cybercriminals a means of monetizing their attacks anonymously—one reason that ransomware attacks have proliferated.

Please select a content type from the menu.

Show by type: