The best way to defend against a cybersecurity attack is to develop a robust, tested cybersecurity plan. AHIMA has released updated guidelines for providers looking to implement cybersecurity prevention measures.
The guidelines document, titled “AHIMA Guidelines: The Cybersecurity Plan,” outlines 17 steps to a complete cybersecurity plan, including:
- Conduct a risk analysis of all applications and systems
- Recognize record retention as a cybersecurity issue
- Patch vulnerable systems
- Deploy advanced security endpoint solutions that provide more effective protections than standard antivirus tools
- Encrypt workstations (high-risk) and laptops, smartphones and tablets, portable media and backup tapes (if tapes are being used)
- Improve identity and access management
- Refine web filtering (blocking bad traffic)
- Implement Mobile Device Management (MDM)
- Develop incident response capability
- Monitor audit logs to selected systems
- Leverage existing security tools like Intrusion Prevention System/Intrusion Detection System (IPS/IDS) to detect unauthorized activities
- Evaluate business associates
- Improve tools and conduct an internal phishing campaign
- Hire an outside security firm to conduct technical and nontechnical evaluations
- Prepare a ‘State of the Union’ type presentation for an organization’s leaders on cybersecurity
- Apply a ‘Defense in Depth’ Strategy
- Detecting and Preventing Intrusion
The guidelines also include a glossary of important security terms.