AMA, HITRUST partner to improve cybersecurity in vulnerable physician practices

Two national organizations will provide practices with targeted advice on how to improve cybersecurity.

Small medical practices, which often lack the resources of larger organizations, will get some help to improve their cybersecurity posture and protect patient information.

HITRUST and the American Medical Association announced they are partnering to provide education on cyber risk management with workshops planned around the country to educate physicians and practice staff on cyber assessments, preparedness and response.

The two-hour workshops will provide education on key areas of risk management, HIPAA compliance and cybersecurity targeted to small practices. The workshops will be held at various locations around the country in conjunction with HITRUST’s Community Extension Program.


2019 Drug Pricing and Reimbursement Stakeholder Summit

Given federal and state pricing requirements arising, press releases from industry leading pharma companies, and the new Drug Transparency Act, it is important to stay ahead of news headlines and anticipated requirements in order to hit company profit targets, maintain value to patients and promote strong, multi-beneficial relationships with manufacturers, providers, payers, and all other stakeholders within the pricing landscape. This conference will provide a platform to encourage a dialogue among such stakeholders in the pricing and reimbursement space so that they can receive a current state of the union regarding regulatory changes while providing actionable insights in anticipation of the future.

The first workshop, hosted by Children’s Health in Dallas, will be held October 9. More information on dates and locations will be posted on the HITRUST web site.

Two recent global ransomware attacks, including the WannaCry attack in May to the United Kingdom’s hospital system, highlighted the potential dangers of network disruptions in the healthcare environment and cybersecurity experts have warned that subsequent attacks could have a much more devastating impact on patient safety.

“Trying to determine the best way to secure my practice from cyberthreats was a significant—and at times, overwhelming—undertaking,” J. Stefan Walker, M.D., a physician in a small practice in Corpus Christi, Texas, said in the announcement. Many education programs are geared toward larger healthcare organizations and are not practical for a practice with only a handful of employees, he said.

A report released by the HHS Cybersecurity Task Force in June indicated that a "severe" cybersecurity workforce shortage and a lack of resources available to small and medium-sized providers were among the biggest risks facing the industry. 

The workshops will cover topics, including:

  • How to perform cyber and HIPAA risk assessments.
  • Fundamentals of good cyber hygiene.
  • How to implement cost-effective and manageable cybersecurity solutions within a practice.
  • Lessons learned from other physician practices.

Children’s Health has used the program developed by HITRUST in over 50 of its associated physician practices and has had no undetected and unmitigated cyber events, according to Pamela Avora, the organization's CIO.

Suggested Articles

Inmediata Health Group notified patients last month that their personal health data was potentially exposed due to a misconfigured website.

As an “Avengers: Endgame” fan, I couldn’t help but see a reflection of our imperfect health system in the movies’ characters.

Senate lawmakers released a draft package of legislation aimed at curbing healthcare costs they believe they can pass on a bipartisan basis.