July 8, 2020

Volume X, Number 190

July 08, 2020

Subscribe to Latest Legal News and Analysis

July 07, 2020

Subscribe to Latest Legal News and Analysis

July 06, 2020

Subscribe to Latest Legal News and Analysis

Top Cybersecurity Risks for Healthcare Industry

Clearwater Compliance’s newest CyberIntelligence Insight Bulletin concludes that the top three cybersecurity risks for the healthcare industry, which accounts for 36.8% of reported critical risk incidents include: 1) user authentication deficiencies, including placing passwords in obvious places where others can find them like on the computer monitor or under the keyboard, using generic user IDs and passwords that can be compromised and emailing user credentials unencrypted; 2) endpoint leakage; and 3) excessive user permissions.

According to the Bulletin, “certain media types are frequently associated with User Authentication Deficiencies and warrant attention by healthcare executives.” Simple cybersecurity measures are recommended in the Bulletin to mitigate these risks, including password strength requirements, single sign on and locking accounts after too many failed logins. These are basic cybersecurity measures that apparently many healthcare organizations are not effectively implementing which is causing serious incidents.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.National Law Review, Volume IX, Number 4


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...