Cybersecurity in Healthcare: Roles & Systems to Know
The advancement of technology in healthcare has provided numerous benefits to the industry. However, it also comes with increased risks of cybersecurity attacks. As healthcare organizations look to protect their digital health data and systems, they must understand the various roles that play a part in cybersecurity and the systems used to safeguard patient data. Cybersecurity threats are constantly evolving, and healthcare organizations must stay ahead of these threats to remain secure.
Protecting patient data is more than just good business practice. It is federally legislated. “Health Insurance Portability and Accountability Act (HIPAA) recognizes that people’s medical data needs to be private for a number of reasons. Information must be private between a patient and their doctor or health care organization,” shares Michael Mukavetz, lecturer at Boston University’s Computer Science Department.
“Federal agencies, the FDA and the Department of Commerce produce and publish many of those regulations and guidelines. Healthcare security staff have to do due diligence to ensure they know the guidelines and that they’re being followed.”
Unfortunately, from time to time, the systems put into place don’t work as they should: “Healthcare cybersecurity failures run the gamut of things from general carelessness to things like hacking and data breaches. Hospitals have also been hit by ransomware attacks lately,” shares Mukavetz. “If personal health information, or PHI, protected under HIPAA is released, the institution will face sanctions for the violation. Usually, this is in the form of fines, but it can be more severe and threaten a facility’s licensing or the ability to treat Medicare patients.”
Healthcare cybersecurity is a multifaceted field encompassing numerous physical and digital systems and key employee roles. From a physical standpoint, healthcare cybersecurity systems can include security cameras, computer hardware, access control systems, and biometric authentication devices. Key employee roles such as network administrators, IT specialists, and information security officers are responsible for implementing and monitoring these systems to identify potential threats.
Digital solutions are also crucial in maintaining the security of electronic health records (EHRs), patient portals, messaging platforms, and wearable devices. These systems must be continuously updated with the latest security patches and monitored for suspicious activity to protect patient data from hackers and other malicious actors.
To learn more about these critical systems and roles, keep reading.
Meet the Expert: Michael Mukavetz
Michael Mukavetz is an experienced lecturer at Boston University with over 20 years of experience in the IT and telecom industry. He graduated from BU’s MSCIS program and has been a course facilitator since 2011. He also holds a bachelor’s degree from the J. Warren McClure School of Information and Telecommunication Systems at Ohio University.
Currently, he works in healthcare technology as an application analyst for Catholic Medical Center. At Nationwide Children’s Hospital in Ohio, he was previously the project lead for implementing a multi-site cardiology imaging and reporting system.
Systems
Healthcare cybersecurity systems are intricate networks of physical and digital components designed to protect patient data from malicious actors. When implemented correctly and regularly monitored by qualified IT specialists and information security officers, these solutions can effectively defend against malicious threats and secure data within an organization’s environment.
Physical Equipment
Cybersecurity starts with physical equipment: “This includes networking equipment, firewalls, routers, switches, and infrastructure hardware. This is not specific to the healthcare industry,” shares Mukavetz.
Other equipment healthcare facilities use can include smart cards, disk encryption devices, and special security chips. Smart cards offer advanced authentication methods to prevent unauthorized access. Disk encryption devices encrypt data stored on hard drives, while special security chips provide secure storage of medical records and other sensitive information.
Many healthcare organizations have also invested in authentication tokens to store passwords or codes securely. As wireless networks have become more widespread, wireless access control systems that limit which devices may join the network and help prevent malicious activity over it have become indispensable as well. These physical equipment pieces are essential to a robust healthcare cybersecurity system.
Digital Solutions
Digital solutions are also used to secure data across various platforms. Antivirus programs can detect malicious software such as viruses, worms, Trojans, and other cyber threats that can compromise server security. Malware protection programs can identify malicious attempts to access a system’s information by blocking undesirable connections and flagging suspicious online activities.
Encryption technologies ensure that confidential data is kept safe by scrambling the information before it’s sent over a network connection. Online backup services store and archive files securely in the cloud so they can be retrieved if necessary. Identity management systems manage user access privileges on a network and create secure authentication mechanisms for users to log into applications.
Sometimes, even the smallest digital tool can save an organization time and money: “Our cybersecurity manager recently presented some of the latest threats and ways to mitigate them. One thing that is becoming more widespread is a spam reporting tool built into email clients. Now, if somebody sees a suspicious email, they can just hit that button, and it’ll get deleted and forwarded to the cybersecurity analyst,” shares Mukavetz. “The analyst can tell if it was actually malicious, or maybe it just looked suspicious. They’ll also track who in their organization might have clicked on a link to a fraudulent website and compromised their credentials.”
Training
All of the digital and physical cybersecurity measures put in place are only useful if the staff at a facility is trained on how to use them and on proper procedures for securing patient privacy. “Part of PHI protection is the training of individual end users. Every hospital or healthcare business needs a strict social media policy because you can’t have nurses posting pictures of patients in the hospital,” says Mukavetz.
“Staff also need to know rules around looking at medical records. You need logging and tracking for all records, and everyone going in and looking at a particular record needs a reason to, or that’s a potential violation. And then just basic digital hygiene such as being safe with emails, forwarding information, and what you download on your computer. All those kinds of things that are potential vulnerabilities.”
Training on healthcare cybersecurity must be a regular part of everyone’s job. “Training needs to be ongoing. Definitely have robust onboarding training as part of hiring but also on a regular schedule both by human resources and the cybersecurity department,” encourages Mukavetz.
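The point made above about logging and tracking every record view, and treating a view without a reason as a potential violation, is the kind of check a cybersecurity analyst can automate over the EHR audit log. The script below is an added example, not code from the article or from Mukavetz's organization: it parses a constructed audit log (the pipe-separated field layout, the reason codes, and the care-team roster are all assumptions for the demo, not a real EHR export format), flags each access that has no recorded reason or that came from a user with no current care-team relationship to the patient, and summarizes the findings per user for follow-up.

```python
"""Added example (not from the article): review an EHR record-access audit log
and flag every access that lacks a documented reason or a care-team relationship.

All inputs are constructed for the demo. The log layout
(timestamp|user|patient_id|action|reason_code) and the CARE_TEAM roster are
assumptions, not a real EHR's export format."""
from dataclasses import dataclass
from datetime import datetime

# Constructed sample audit log: one line per record view.
SAMPLE_LOG = """\
2024-03-04T08:12:03|nurse_ali|P1001|VIEW|TREATMENT
2024-03-04T08:15:40|dr_kim|P1001|VIEW|TREATMENT
2024-03-04T09:02:11|clerk_joe|P1001|VIEW|
2024-03-04T09:30:55|nurse_ali|P2002|VIEW|
2024-03-04T10:05:00|billing_sue|P2002|VIEW|BILLING
2024-03-04T11:45:19|dr_kim|P3003|VIEW|TREATMENT
"""

# Constructed care-team roster: users with a current treatment or billing
# relationship to each patient. In a real system this would be derived from
# the EHR's encounter and staff-assignment data.
CARE_TEAM = {
    "P1001": {"nurse_ali", "dr_kim"},
    "P2002": {"billing_sue"},
    "P3003": set(),
}


@dataclass(frozen=True)
class Access:
    when: datetime
    user: str
    patient: str
    action: str
    reason: str  # empty string means no reason was recorded


def parse_log(text):
    """Parse the pipe-separated audit log into Access records, skipping blank lines."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, patient, action, reason = line.split("|")
        entries.append(Access(datetime.fromisoformat(ts), user, patient, action, reason))
    return entries


def flag_accesses(entries, care_team):
    """Return (access, finding) pairs for every access that needs analyst review.

    An access is clean only when a reason is recorded AND the user is on the
    patient's care team; anything else is flagged with a short explanation."""
    findings = []
    for a in entries:
        on_team = a.user in care_team.get(a.patient, set())
        if not a.reason and not on_team:
            findings.append((a, "no reason recorded and user not on care team"))
        elif not a.reason:
            findings.append((a, "no reason recorded"))
        elif not on_team:
            findings.append((a, f"reason {a.reason} given but user not on care team"))
    return findings


def summarize_by_user(findings):
    """Count flagged accesses per user so the analyst can prioritise follow-up."""
    counts = {}
    for access, _ in findings:
        counts[access.user] = counts.get(access.user, 0) + 1
    return counts


if __name__ == "__main__":
    flagged = flag_accesses(parse_log(SAMPLE_LOG), CARE_TEAM)
    for access, why in flagged:
        print(f"{access.when.isoformat()} {access.user} -> {access.patient}: {why}")
    print("per-user totals:", summarize_by_user(flagged))
```

Two design choices matter here. First, the check is applied to every record view, not just to views of notable patients, because the policy in the quote is that every access needs a reason. Second, a recorded reason alone does not clear an access: the roster check catches a user who types a plausible reason code for a patient they are not assigned to, which is exactly the case an analyst would want to ask about.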
Roles in Healthcare Cybersecurity
All digital and physical systems in healthcare cybersecurity need to be implemented by professionals with experience and training in this field. Here are some of the most common roles for healthcare cybersecurity staff.
Chief Information or Chief Security Officer
Most organizations’ senior healthcare cybersecurity role is at the chief level. “At the top would be a chief information officer or information security officer. You would have to get to a pretty large organization to have a CIO or CSO,” says Mukavetz. “They’re going to be the ones guiding the strategy and hiring the right people. And when you’re at that size of the organization, you have to pay a lot of attention to policy and legislation, so that’s also a big part of their focus.”
Director or Department Manager of Cybersecurity
Under the CIO or CSO, or in smaller organizations that don’t have a chief-level role, there are directors or department managers. “The next level of security management would be a director or a department manager for cybersecurity,” shares Mukavetz. “Where I work now, we have a network director and a cybersecurity manager under our CIO.”
While the CIO and CSO focus on the bigger picture, the director and department managers are concerned with the details. They lead the organization’s efforts to identify, detect, and respond to potential cyber risks. This involves identifying security vulnerabilities, creating a protection plan that adheres to applicable regulations, implementing protective measures such as firewalls and data encryption tools, monitoring the organization’s networks for security threats, and responding quickly to any detected threats. They must also keep up with current industry trends and best practices for maintaining a secure system environment.
Cybersecurity Analysts
Much of the work done in healthcare cybersecurity is performed by front-line employees. “The first level of staff are cybersecurity analysts. There are typically several levels, such as entry-level, mid-level, and senior. They’re going to be doing a lot of the day-to-day work of monitoring, the configuration of devices, and working trouble tickets,” says Mukavetz.
Healthcare cybersecurity analysts have expertise in various areas, such as ethical hacking, digital forensics, malware analysis, and secure coding techniques. They have often completed a rigorous undergraduate or graduate degree in information technology and may have completed healthcare cybersecurity education.