
EHR Cyberattack Affected 3.9 Million

Investigation Reveals Far More Organizations Impacted

Security expert Tom Walsh, founder of the consulting firm tw-Security, says he is startled by how many victims and entities are affected by the breach.

“I was surprised at the number of entities affected and the total number of patients. Some of those entities affected are located in Kansas, so I had heard about the breach through some of those organizations,” says the consultant, whose company is based in Kansas. “All PHI data is a potential target. Obviously, we can and need to do a better job of protecting the data.”

In the wake of the attack, healthcare organizations should take several steps to protect EHRs, including cloud-based systems, Walsh says. Key action items include:

  • Patch management. Systems need to be evaluated and updated frequently.
  • Tighter access control. This is especially needed for system administrator access or elevated privileges, including employees, contractors and subcontractors. For example, two-factor authentication should be required for any type of remote access.
  • Database encryption. Of course, this will only help if a hacker has not compromised a system administrator’s account.
  • System monitoring. Consider outsourcing this activity to a third party using managed security services.
  • Vulnerability scanning and network penetration testing. Conduct regular scans, especially after any significant changes are made to an external-facing application or system. Also, conduct annual penetration testing.
  • Enhanced incident response capability. The more exercises or drills that are conducted, the better the response when a real event occurs. Organizations should develop “playbooks” to document response procedures for the various scenarios.

 
