ComplianceJunction has created a new training course for healthcare organizations to allow them to raise employee awareness of the common cyber threats that provide hackers with access to healthcare networks and employee, patient, and client data.
The HIPAA Security Rule requires HIPAA-regulated entities to conduct regular cybersecurity awareness training. Employees should be made aware of the cyber threats they are likely to encounter, be trained how to recognize those threats, and be told what they must do if a threat is identified or suspected. By providing training, healthcare organizations can reduce the risk of cybercriminals exploiting human weaknesses to access internal networks and sensitive data.
Healthcare organizations of all sizes need to provide cybersecurity training to their employees. While small healthcare organizations are less likely to be targeted by cybercriminals than large healthcare organizations, many cyberattacks are opportunistic in nature and the HHS’ Office for Civil Rights breach portal lists many small healthcare organizations that have fallen victim to cyberattacks.
The most common threats are phishing, malware, ransomware, and business email compromise attacks, and healthcare employees must be made aware of these threats and be told how they can be identified and avoided. ComplianceJunction’s cybersecurity training for healthcare organizations course was developed to improve awareness of the common threats that often result in healthcare data breaches.
“Cyberattacks and data breaches are being reported in record numbers and many of these attacks occur as a result of a lack of employee security awareness,” said ComplianceJunction’s Ryan Coyne. “Cybercriminals often gain a foothold in healthcare networks by conducting relatively simple attacks that exploit human weaknesses. Our new training course has been developed to provide healthcare workers with the tools to allow them to recognize and respond appropriately to these threats. When paired with our comprehensive HIPAA training, it offers a complete solution to safeguarding patient data.”
The training course is specifically aimed at frontline healthcare workers and covers topics such as identifying and avoiding malware, ransomware, social engineering, phishing, and business email compromise. The course teaches healthcare employees the red flags that they should look for in emails and when browsing the web to help them identify threats and the actions they can take to mitigate risks.
“It was a wonderfully detailed course. I have taken a few in the past. I will say this one not only kept the important information repeated throughout the course to ensure it was embedded in my memory, but it made it easy to remember those key concepts at the end,” said Ciera Lancaster, an Executive Assistant and member of a large Virtual Assistant Organization.
