Over the last several years, the healthcare industry has seen a dramatic increase in cyber incidents that target smaller rural hospitals and health centers, requiring a coordinated, proactive defense by electronic health record (EHR) vendors and data security companies.
At MEDITECH LIVE 24, Google showcased its rural healthcare cybersecurity initiative designed to help under-resourced health systems building and maintaining a resilient, secure data infrastructure. This initiative, alongside Google's partnership with the Health Information Sharing and Analysis Center (Health-ISAC), offers valuable resources, like instructor-led and on-demand cybersecurity courses through Mandiant Academy to eligible healthcare organizations.
MEDITECH encourages our customers to take advantage of Google’s partnership with the Health-ISAC. Information sharing through public-private sector collaboration will be crucial in protecting sensitive patient data and ensuring the continuity of healthcare services moving forward.
The rural cybersecurity initiative is just one of the recent ways that Google has been working to ensure that healthcare organizations, their workers, and their patients are protected. Rural hospitals and clinics interested in this program can find more information here.
Together, MEDITECH and Google are also providing rural healthcare facilities with accessible, cost-effective tools, like our MEDITECH as a Service subscription model. Built with a number of safeguards in place, this service gives medical providers real-time access to information that is maintained in a secure Google Cloud environment.
This collaboration enables users to focus on caring for patients while MEDITECH and Google provide the security measures that keep their data safe.
Monitoring Wider Efforts Against Cyber Criminals
Another common aspect of both MEDITECH and Google’s commitment to cybersecurity is keeping a close watch on global cybercrime events and the international response to them as another way to stay at the forefront of the effort to stem ransomware and other attacks.
This includes the ongoing International Counter Ransomware Initiative, which is a consortium of 40 countries that have made a commitment to bring cyber criminals to account through investigation, prosecution, extradition, and other legal means. Through highly coordinated cooperation, these countries are successfully tracking cryptocurrency payments, mitigating threats, and publicizing ransomware takedowns. These efforts have resulted in 14 significant disruptions by law enforcement in ransomware operations this year.
There have also been considerable efforts focused on enabling healthcare organizations to strengthen themselves against these attacks. For example, the Department of Health and Human Services (HHS) has created voluntary cybersecurity performance goals that offer a flexible framework for hospitals and health systems of varying sizes and security postures,
incentives for organizations to prioritize cybersecurity, as well as taking steps to align regulations with cybersecurity objectives and strengthen the department's role as a sector risk management agency.
Healthcare organizations can find no-cost, voluntary guidance from Health and Public Health Sector Coordinating Council’s Cyber Working Group and agencies like Cybersecurity and Infrastructure Security Agency (CISA). Both offer resources on identity and access management, patching and vulnerability management, and mitigation cycle planning.
MEDITECH utilizes these resources to enhance its internal cybersecurity posture by leveraging CISA's cyber hygiene services and vulnerability scanning tools to serve as overlapping security controls.
In this way, MEDITECH has improved its ability to detect and respond to threats, helping our customers mitigate attacks so that they can continue delivering care without interruption.
Through our dedication to building secure EHR solutions and collaborations with industry leaders like Google, MEDITECH is ensuring that healthcare organizations of all sizes and budgets can take proactive steps to protect themselves and their patients from cyber attacks.
