AMA, HITRUST partner to improve cybersecurity in vulnerable physician practices

Two national organizations will provide practices with targeted advice on how to improve cybersecurity.

Small medical practices, which often lack the resources of larger organizations, will get some help to improve their cybersecurity posture and protect patient information.

HITRUST and the American Medical Association announced they are partnering to provide education on cyber risk management with workshops planned around the country to educate physicians and practice staff on cyber assessments, preparedness and response.

The two-hour workshops will provide education on key areas of risk management, HIPAA compliance and cybersecurity targeted to small practices. The workshops will be held at various locations around the country in conjunction with HITRUST’s Community Extension Program.

Product Spotlight

Top-Rated Mobile App for Health Insurance Members

Zipari’s Mobile App is the smarter, easier, and better way for payers to engage members on the go and directly in the palm of their hands. Members can find the right doctors, receive notifications, send messages, view claims, track spending, talk to a nurse, download ID card, and more. It’s ready to install and launch in a few months.

The first workshop, hosted by Children’s Health in Dallas, will be held October 9. More information on dates and locations will be posted on the HITRUST web site.

Two recent global ransomware attacks, including the WannaCry attack in May to the United Kingdom’s hospital system, highlighted the potential dangers of network disruptions in the healthcare environment and cybersecurity experts have warned that subsequent attacks could have a much more devastating impact on patient safety.

“Trying to determine the best way to secure my practice from cyberthreats was a significant—and at times, overwhelming—undertaking,” J. Stefan Walker, M.D., a physician in a small practice in Corpus Christi, Texas, said in the announcement. Many education programs are geared toward larger healthcare organizations and are not practical for a practice with only a handful of employees, he said.

A report released by the HHS Cybersecurity Task Force in June indicated that a "severe" cybersecurity workforce shortage and a lack of resources available to small and medium-sized providers were among the biggest risks facing the industry. 

The workshops will cover topics, including:

  • How to perform cyber and HIPAA risk assessments.
  • Fundamentals of good cyber hygiene.
  • How to implement cost-effective and manageable cybersecurity solutions within a practice.
  • Lessons learned from other physician practices.

Children’s Health has used the program developed by HITRUST in over 50 of its associated physician practices and has had no undetected and unmitigated cyber events, according to Pamela Avora, the organization's CIO.

Suggested Articles

Telehealth giant Teladoc is acquiring virtual care company Livongo in a deal valued at $18.5 billion.

Historically, very few groups outside of health care have had reason to collect information about personal health but the coronavirus changed that.

A new survey sheds light on how Medicare-eligible seniors have embraced technology for their healthcare needs during the pandemic.