The director of the Office for Civil Rights at HHS urged HIPAA-covered healthcare entities to patch up vulnerabilities that give hackers easy access to organization’s computer servers.
According to a Feb. 28 HHS blog post, healthcare organizations' cybersecurity issues were more turbulent as hackers took advantage of hospitals and healthcare systems responding to the COVID-19 pandemic.
To combat these attacks, HHS encourages healthcare entities to do the following:
- Have an offline, encrypted backup of data and regularly test your backups.
- Know where all your EHR information is stored and exists across your organization.
- Conduct regular scans to identify and address vulnerabilities, especially those on internet-facing devices.
- Continuously update software and operating systems.
- Train employees on all possible IT attacks.