Healthcare Cybersecurity Resolutions

By Art Gross, President and CEO, HIPAA Secure Now!
LinkedIn: Art Gross
X: @HIPAASecureNow
Read other articles by this author

As we step into a new year, it’s the perfect time to reassess and reinforce our commitment to HIPAA compliance and cybersecurity. Consider these nine resolutions to enhance the security posture of your healthcare organization:

1. Passwords Audit
   Kick off the year by ensuring that all passwords are not only unique but also strong. We recommend passphrases due to their long and memorable nature. Regularly audit and update passwords to fortify your defenses against unauthorized access.
2. Training Check
   Confirm that all active employees have completed their annual HIPAA and cybersecurity training. Encourage getting training done sooner than later to keep your workforce well-versed in the latest security practices and compliance requirements.
3. Policy and Procedure Review
   Take the time to review all policies and procedures at least annually. Ensure that they align with the latest regulations and address the unique risks faced by your organization. Once reviewed by management, encourage users to read them as well, since signing off on policies is required under HIPAA.
4. Strategic Planning
   Review the risk assessment work plan and develop a schedule for addressing the recommendations throughout the year. Sticking to a plan will depend on the size and risk level of each task, but having a roadmap ensures steady progress.
5. Educational Cybersecurity Flyers
   Keep your team informed by updating an educational cybersecurity flyer in the breakroom every month. We provide these resources in our newsletter every other week. These flyers provide a visual reminder of security best practices in a high-traffic area.
6. Phishing Campaigns
   Implement regular phishing campaigns to test and strengthen your employees’ ability to recognize and thwart phishing attacks. This proactive approach enhances overall cybersecurity awareness.
7. Desk Security
   Cultivate a culture of security by enforcing the habit of locking computers every time employees leave their desks. This simple step can prevent unauthorized access and protect sensitive information.
8. Audit Log Reviews
   Schedule monthly reviews of audit logs to promptly identify and address any suspicious activities. Regular monitoring enhances your ability to detect and respond to potential security incidents.
9. User Roster Maintenance
   If you’re a HIPAA Secure Now client, ensure your user roster is up to date. Remove previous employees promptly to deactivate their access, keeping your user list accurate and within your subscription tier.

By adopting these resolutions, your healthcare organization can navigate the evolving landscape of cybersecurity and maintain a strong commitment to HIPAA compliance throughout the coming year. Here’s to a secure and successful 2024!

This article was originally published on HIPAA Secure Now! and is republished here with permission.