Congratulations to tw-Security—2024 Best in KLAS® Security & Privacy Services!

We're #1! Thank you to all our partners and customers!

EHR Cyberattack Affected 3.9 Million

Investigation Reveals Far More Organizations Impacted

Security expert Tom Walsh, founder of the consulting firm tw-Security, says he is startled by how many victims and entities are affected by the breach.

” I was surprised at the number of entities affected and the total number of patients. Some of those entities affected are located in Kansas, so I had heard about the breach through some of those organizations,” says the consultant, whose company is based in Kansas. “All PHI data is a potential target. Obviously, we can and need to do a better job of protecting the data.”

In the wake of the attack, healthcare organizations should take several steps protect EHRs, including cloud-based systems, Walsh says. Key action items include:

  • Patch management. Systems need to be evaluated and updated frequently.
  • Tighter access control. This is especially needed for system administrator access or elevated privileges, including employees, contractors and subcontractors. For example, two-factor authentication should be required for any type of remote access.
  • Database encryption. Of course, this will only help if a hacker has not compromised a system administrator’s account.
  • System monitoring. Consider outsourcing this activity to a third party using managed security services.
  • Vulnerability scanning and network penetration testing. Conduct regular scans, especially after any significant changes are made to an external-facing application or system. Also, conduct annual penetration testing.
  • Enhanced incident response capability. The more exercise or drills that are conducted, the better the response when a real event occurs. Organizations should develop “playbooks” to document response procedures to the various scenarios.


For more information or to schedule a FREE initial consultation – contact tw-Security.
Read More