Michael Coppola – Best Practices for Cyber Security in the Healthcare Sector Today

When it comes to establishing the best practices for the healthcare sector today for cybersecurity, hospitals and medical units need to carry out risk assessments for every program active in the establishment. The risk has to be assessed first before any action is embraced for managing the effects of the risk. It should be evaluated on factors like the probability of occurrence, its impact on the healthcare establishment, and its prioritization. Healthcare administrators must conduct risk assessments regularly at least once every year to be safe.

Michael Coppola – the need for better security controls

Michael Coppola is an esteemed doctor in sleep medicine and pulmonology in Glen Burnie, Maryland, with over 20 years of valuable experience in the field. He says that as a doctor, he needs to protect his patients’ information as it is confidential and should not fall into the hands of people with malicious intent. Unfortunately, 2020 witnessed a surge in cybercrimes. Therefore, it is the need of the day for every medical establishment in the world to beef up cybersecurity to protect patients’ personal information.

He says that to ward off security threats, every hospital establishment must have advanced controls. This helps them protect the data better as if one control fails, there is another control to take its place. For example, there can be a computer virus that seeps in through the firewall of the establishment; however, if there is good anti-virus software in place, it will stop the virus in its tracks to devastation.

Can all threats be prevented?

Not all cyber-threats can be thwarted, he adds. This is where the establishment needs to focus on the techniques of blocking and tackling. This is a robust response plan that is mandatory for cybersecurity in the healthcare industry. The plan either blocks or tackles the threat in an expeditious and timely manner.

When it comes to the basic cybersecurity controls that every healthcare establishment should have, they should include the following listed below-

  • Email gateway
  • Anti-virus
  • Prevention of data loss
  • Backup and the restoration of data and files
  • Firewalls
  • Encryption in data transit
  • Plan for incident response
  • Encryption for data and files that are archived
  • Web gateway
  • Secure disposal of data
  • Security procedures and policies in the healthcare establishment
  • Management of vulnerabilities with proper programs and more.

He says that when it comes to the cybersecurity needs of healthcare establishments, they must have customized solutions. For this, they have to hire professionals trained in the field of cybersecurity in the healthcare sector. A complete evaluation of the system should be carried out to set the right policies in place. In this way, every healthcare establishment, both big and small, can get the protection they need with success.

In the opinion of Michael Coppola in addition to the basics, that every healthcare establishment must have security controls that are advanced in nature as well. For example, they should cover vulnerability scans, digital forensics, penetration testing, multi-factor authentication, network segmentation, plan for disaster recovery, and business continuity.