Archives     Advertise     Editorial Calendar     Subscribe     Contact Us    


NMGMA: 10 Minute Takeaway


 
Charles Henson

The second Tuesday of each month, practice managers and healthcare industry service providers gather for the monthly Nashville Medical Group Management Association (NMGMA) meeting.

During the February meeting Charles Henson, managing partner with Nashville Computer, discussed cyberattacks and the best ways to prevent data loss. Henson said rich patient data made healthcare practices a hot commodity for the criminal underground on the Dark Web, which is a place where you can literally buy anything from identities and malicious software to drugs and guns.

He noted the encrypted content that exists on darknets cannot be accessed by traditional search engines. "The only way to get there is through a Tor Browser ... but don't do it," he cautioned. Simply accessing the Dark Web opens an individual up to hacking. If there is concern that stolen information might be on the Dark Web, Henson said it was best to hire experienced cyber security professionals to investigate.

The way information finds its way to the Dark Web, he noted, is typically through human error and human nature. Poor password choice is one of the biggest issues. Henson told the audience a list of 1.4 billion user names and passwords were recently found on the Dark Web in plain text. From that cache, 9.2 million people use '123456' as a password. Another popular password is 'password.' Cyber security, he noted, starts with strong password protection. Additionally, he said, passwords need to be completely changed once breached. "Hackers have tools to add millions of numbers at the ends of passwords so if you were Apollo12, don't become Apollo13," Henson said.

Ransomware remains popular, and the attacks have become much more targeted. Once information has been hijacked, it's a no-win situation. One Atlanta physician refused to pay ransom, so the hackers released data on a significant number of his patients. However, even if ransom is paid, the bad guys still have the information to shop it on the Dark Web.

Another ploy that is gaining in popularity is for a 'boss' to request private information, such as HR data, or money be sent to him or her quickly. Employees want to do the right thing, but Henson said it's critical to have smart policies in place. For example, he said a sound workplace policy should be: "One - I will never ask you to send sensitive information in an unencrypted format. And two - if I should ever ask for such information, you should talk to me on the phone prior to doing it."

Prevention, stressed Henson, is the best protection. He noted the FBI has said "95 percent of all breaches they work could have been prevented if the employee hadn't clicked on something, downloaded something, or had been educated on a policy." Henson suggested having your IT team do a little proactive spear phishing to see if your staff falls for some of the most common ploys. If they do, then use it as a teachable moment and to review company procedures.

Simple steps individuals should take include thinking twice before clicking on a link in an email, hovering the mouse over the sender's name to see the actual email address rather than the visible alias, being wary of any requests for personal information, looking for grammatical errors or random capitalizations, and recognizing that a promise of something that seems 'too good to be true' probably is just that. Other proactive steps a company or practice should take include having a password policy that locks someone out after three failed login attempts, using two-factor authentication, backing up files regularly, installing a spam filter to block at least some of the bad actors, and considering cyber insurance.

"Don't be an easy target ... be the hard target," Henson concluded. "Every layer of protection reduces risk."

Upcoming Events

  • Tennessee MGMA Spring Conference is scheduled for April 3-5 at the Westin Chattanooga. To download the statewide conference itinerary or register for the meeting, go online to tmgma.com
  • NMGMA Spring Social will be held in lieu of a regular April meeting. The networking event is set for Tuesday, April 30 from 4-6 pm at KraftCPAs. Non-member practice administrators interested in attending should contact NMGMA President Jimmie Holland, website@nashvillemgma.org, to RSVP.

WEB:

NMGMA

Nashville Computer

 
Share:

Related Articles:


Recent Articles

AMA Announces First Chief Health Equity Officer

The American Medical Association (AMA) today announced the hiring of Aletha Maybank, M.D., M.P.H., as its first ever chief health equity officer.

Read More

AMA Calls Pain Task Force Recommendations A Road Map for Future Policy

May 9, 2019 ... The AMA strongly backs the comprehensive, common-sense proposals the Interagency Pain Task Force discussed today, sending a clear signal to the physician community that policy makers understand the treatment required for patients in pain.

Read More

Technology Better Than Tape Measure for Identifying Lymphedema Risk

Bioimpedance spectroscopy (BIS) is better than a tape measure for assessing a woman's risk for developing lymphedema, painful swelling in the arm after breast cancer surgery, according to interim results of a study led by Sheila Ridner, PhD, RN, Martha Ingram Professor and director of the PhD in Nursing Science Program at Vanderbilt University School of Nursing.

Read More

Specialized ER Care Designed for the Unique Needs of Women

Women in the United States face a far greater risk of dying from childbirth complications than in many other developed countries around the world.

Read More

Immunotherapy Shows Promise for TNBC Patients

New immunotherapy regimen approved for the treatment of historically untreatable triple negative breast cancer.

Read More

Reimagining Residency

The AMA has spent the last several years accelerating change in medical education. Now the time has come to reimagine residency as the national organization works to transform physician training & practice.

Read More

AMA Announces New Resources to Train Future Physicians on Health Systems Science

As part of AMA's initiative to create the medical schools of the future, first-of-its-kind Health Systems Science Review book and online education modules will help ensure physicians learn how to deliver patient care in modern, value-based health systems

Read More

Accessing the Spectrum of Quality Care

With the ACOG meeting ... and her year of presidency ... just wrapped, Dr. Lisa M. Hollier, MD, MPH, FACOG shares reflections on the past year and the state of women's health.

Read More

ACS ResearcHERS Program Bringing Awareness to Women in Science

Women now comprise 50 percent of ACS funded research.

Read More

Physician Spotlight: Serving the City

Longtime TennCare leader & public health expert has now been tapped to lead health efforts for Davidson County residents.

Read More

Email Print
 
 

 

 


Tags:
Charles Henson, Cybersecurity, Dark Web, Nashville Computer, Nashville Medical Group Management Association, NMGMA, Password Protection, Ransomware, Spear Phishing
Powered by Bondware
News Publishing Software

The browser you are using is outdated!

You may not be getting all you can out of your browsing experience
and may be open to security risks!

Consider upgrading to the latest version of your browser or choose on below: