AMA, HITRUST partner to improve cybersecurity in vulnerable physician practices

Cybersecurity
Two national organizations will provide practices with targeted advice on how to improve cybersecurity.

Small medical practices, which often lack the resources of larger organizations, will get some help to improve their cybersecurity posture and protect patient information.

HITRUST and the American Medical Association announced they are partnering to provide education on cyber risk management with workshops planned around the country to educate physicians and practice staff on cyber assessments, preparedness and response.

The two-hour workshops will provide education on key areas of risk management, HIPAA compliance and cybersecurity targeted to small practices. The workshops will be held at various locations around the country in conjunction with HITRUST’s Community Extension Program.

Free Daily Newsletter

Like this story? Subscribe to FierceHealthcare!

The healthcare sector remains in flux as policy, regulation, technology and trends shape the market. FierceHealthcare subscribers rely on our suite of newsletters as their must-read source for the latest news, analysis and data impacting their world. Sign up today to get healthcare news and updates delivered to your inbox and read on the go.

The first workshop, hosted by Children’s Health in Dallas, will be held October 9. More information on dates and locations will be posted on the HITRUST web site.

Two recent global ransomware attacks, including the WannaCry attack in May to the United Kingdom’s hospital system, highlighted the potential dangers of network disruptions in the healthcare environment and cybersecurity experts have warned that subsequent attacks could have a much more devastating impact on patient safety.

“Trying to determine the best way to secure my practice from cyberthreats was a significant—and at times, overwhelming—undertaking,” J. Stefan Walker, M.D., a physician in a small practice in Corpus Christi, Texas, said in the announcement. Many education programs are geared toward larger healthcare organizations and are not practical for a practice with only a handful of employees, he said.

A report released by the HHS Cybersecurity Task Force in June indicated that a "severe" cybersecurity workforce shortage and a lack of resources available to small and medium-sized providers were among the biggest risks facing the industry. 

The workshops will cover topics, including:

  • How to perform cyber and HIPAA risk assessments.
  • Fundamentals of good cyber hygiene.
  • How to implement cost-effective and manageable cybersecurity solutions within a practice.
  • Lessons learned from other physician practices.

Children’s Health has used the program developed by HITRUST in over 50 of its associated physician practices and has had no undetected and unmitigated cyber events, according to Pamela Avora, the organization's CIO.

Suggested Articles

While UPS didn't say which vaccine it would be using in the project, Reuters confirmed with pharma giant Merck that it is looking at participating.

Too many barriers block medications that treat opioid use disorders.

A missed, failed, or wrong diagnosis is the top allegation in malpractice claims involving children ages one month to 17 years, an analysis found.