2024 is beginning like many other years before it. Holiday treats are replaced in stores with protein shakes and new workout equipment. Everyone is making resolutions to eat healthier, exercise more, drink less. While the typical resolutions are worthy goals, they often are forgotten as the calendar pages flip past.
This February, rather than simply setting aside your kale salad for Valentine chocolates, perhaps it is time to consider a new set of habits around cyberhealth. February 6 marks Safer Internet Day, an event intended to raise awareness around dangers on the internet, especially for parents, children, and teens. Safer Internet Day is also an opportunity for healthcare providers and consumers alike to examine their own internet behavior and identify habits that may leave people and their organizations vulnerable to cyber-attacks.
A Troublesome Trend
According to NBC News, cyber-attacks on hospitals doubled each year between 2016-2021. Physician’s Practice reports that in 2023, approximately 87 million American patients were victimized in healthcare data breaches, up from 37 million in 2022. Healthcare organizations and systems are attractive targets for cyber criminals because the data they contain ranges from sensitive payment information, to personal medical histories, to patient identifiers and more. Cybercriminals can exploit this stolen data to commit a huge range of crimes.
Unfortunately, as the positive uses of technology grow, so do the skills of criminals who want to steal sensitive data. For this reason, everyone should practice these good internet habits that will protect themselves and the organizations that employ them.
Dos and Don’ts for a Safer Internet
DO: Upgrade your Password Game
It is vitally important to create different passwords for different websites. That way, if one password is stolen, other accounts will still be safe from hackers. Use a well-regarded password manager to store your passwords so you don’t lose them. Experts are advising internet users to avoid using passwords that contain personal information (such as parts of your name, birthdate, children’s or pets’ names, etc.) that could be guessed by hackers. Overly complex passwords are not ideal because they are easily forgotten. Rather, it might be useful to choose longer “passphrases” which have been shown to be both more memorable and more secure.
DON’T: Ignore System Updates
We’ve all been there—you login to your computer only to be told that your system must be updated. Too often, you ignore these warnings and just go directly to your work, figuring you can update later when you have more time. “Not so fast!” warn cybersecurity experts. In fact, software updates might be the single best protection against cyberattacks, according to a recent Washington Post article.
Often, these updates are developed in response to a bug or vulnerability discovered by either by the company themselves, or by hackers. When the “hole” in security is found, a patch is quickly developed to close that vulnerability. Think of a safe with a hole in it—a team develops a patch for that hole, but the safe owner chooses not to install it because it would take too long, or it is inconvenient. Most people would never leave a literal safe open to being robbed because fixing the hole is too annoying, yet they do it all the time with software updates. Don’t be that person who leaves sensitive information unprotected. Install those updates!
DO: Provide Cybersecurity Training to Staff
According to a recent HIMSS Healthcare Cybersecurity Survey, phishing and ransomware attacks are the most common security incidents in healthcare organizations. This means your organization (and your patients) are only as safe as the habits of your most poorly-trained employee. It takes only one person within an organization to fall for a phishing scheme that exposes the sensitive data of millions of patients. Don’t know where to start? Here is a list of the 6 best cybersecurity awareness training programs for employees.
Just by following these few tips, everyone can protect both personal and professional data from being stolen and exploited by cybercriminals. Let’s toast to a safer and more secure 2024!