A String of Recent Phishing Attacks Targets Healthcare

by Adam Bullian | May 29, 2018 |

cyber-security-3400657_1280In recent weeks 10 significant email hacking incidents were reported to the U.S. Department of Health and Human Services Office for Civil Rights. In total, these attacks have compromised nearly 90,000 healthcare records.

Here is a list of these attacks and the number of individuals affected in each. It is unclear if these were targeted attacks. While we do know these attacks were successful and PHI was compromised, we do not know how many attacks were unsuccessful or have yet to be discovered. This indicates that healthcare is increasingly a target for phishing attacks and the industry needs to step up its efforts to secure PHI.

The best way to prevent a successful phishing attack is to train your staff. Remind staff that phishing attacks are occurring, and what to look for in order to spot a phishing attack. Be sure to indicate who should be contacted if the staff has a question or if they receive a suspicious email. It may also be helpful to conduct a simulated phishing attack. This allows you to identify which staff need additional training, without compromising PHI. As phishing attacks increasingly focus on healthcare, now is the time to ramp up training efforts to ensure the security of PHI.  



Compliance and security are complex, but they don't have to be hard to comprehend. Check out our resources page for more educational ebooks, presentations, infographics, and more!

View All Resources

Our resources are compiled by our experts here at QI Express. With backgrounds in information technology consultation, IT systems design, audits, law, and patient-facing clinical roles, our team is able to leverage a unique scope of experience to deliver the most comprehensive educational material possible.