Cyber Risk Is Growing. Are You Prepared?

In 2024, Change Healthcare, a major health payment processing company, experienced a data breach that exposed sensitive patient information. This incident raised widespread concern in the Durable Medical Equipment, Prosthetics, Orthotics and Supplies (DMEPOS) industry and many healthcare organizations because it exposed the serious consequences of inadequate cybersecurity measures. Such incidents are not uncommon, as cyber-attacks and data breaches have become increasingly frequent across various industries over the past few decades. For example, The Walt Disney Company recently experienced a massive cyberattack where more than one terabyte of data from its internal communications platform, Slack, was leaked. Slack is a cloud-based hub that lets employees communicate in real time and share files. Due to the cyberattack, information about Disney’s unreleased projects, login credentials, links to internal web pages, and more were released. The Centers for Medicare & Medicaid Services (CMS) requires DMEPOS businesses to have a preparedness plan on file. Although CMS’ website provides a few tips on what to include in these plans, such as ensuring they generally account for “communications” and “data storage,” their primary requirement addresses physical preparedness for natural disasters such as hurricanes and tornados, leaving significant gaps in guidance on cybersecurity threats. With healthcare becoming increasingly focused on digital solutions, it’s imperative for facility owners to strengthen their defenses to protect their businesses, staff, and patients. There are simple ways to fortify your digital defense. Consider implementing the following cybersecurity measures: Staff Training Keeping information safe is everyone’s responsibility, thus it is important to provide routine cybersecurity training so your employees can recognize and respond appropriately to potential cyber threats. At BOC, we meet frequently to discuss these threats, especially those related to email, and regularly quiz our team by issuing periodic phishing alerts. During our meetings, we discuss challenges, successes, and lessons learned to foster a culture of continuous improvement and resilience. Two-factor Authentication Two-factor authentication (commonly known as 2FA or multifactor authentication) tightens security by requiring employees to verify their identity through multiple methods. Examples include using a token or sending a one-time password to a registered cell phone number to gain access. Implementing 2FA is a crucial step in safeguarding your systems and is essential in today’s digital landscape. Password Management Weak passwords pose a significant security risk. By today’s standards, simply altering a few characters or using the same password for different accounts is insufficient. Likewise, keeping a handwritten log or spreadsheet of credentials is a serious risk. Businesses should consider investing in a digital password manager to help protect accounts from unauthorized access. At BOC, we employ tools specifically designed to create and manage strong, unique passwords across various systems to ensure the security of our information. In addition to implementing the simple but crucial methods above, we highly recommend collaborating with a reputable provider to oversee your cybersecurity. Because it is an ever-evolving field, it demands continuous attention and expertise. A trustworthy partner can proactively monitor potential issues and offer customized recommendations for improvement. As an accrediting organization, like BOC, guides owners and staff through the accreditation process, a reliable cybersecurity partner can provide essential support to protect your business and patients. Wil Townsend, MSIT, is the director of technology and operations of the Board of Certification/Accreditation (BOC). He can be contacted at wil.townsend@bocusa.org. Image: Song_about_summer /stock.adobe.com

Cyber Risk Is Growing. Are You Prepared?

Medicare Expands Coverage for Microprocessor Knees for K2 Beneficiaries

SFCC Brings Hybrid Education to O&P Tech Program

SFCC Brings Hybrid Education to O&P Tech Program

Get unlimited access!

O&P JOBS

CO and Technician

CP, CPO, Technician

Orthotist / Prosthetist

Are you sure want to unlock this post?

Are you sure want to cancel subscription?

The most important industry news and events delivered directly to your inbox every week.

Welcome Back!

Retrieve your password

Are you sure want to unlock this post?

Are you sure want to cancel subscription?

Cyber Risk Is Growing. Are You Prepared?

Support authors and subscribe to content

Subscribe

Related posts:

Medicare Expands Coverage for Microprocessor Knees for K2 Beneficiaries

SFCC Brings Hybrid Education to O&P Tech Program

SFCC Brings Hybrid Education to O&P Tech Program

Get unlimited access!

O&P JOBS

CO and Technician

CP, CPO, Technician

Orthotist / Prosthetist

Login to your account

Reset Password

Are you sure want to unlock this post?

Are you sure want to cancel subscription?

Account Activation

The most important industry news and events delivered directly to your inbox every week.

Welcome Back!

Retrieve your password

Login to your account

Reset Password

Are you sure want to unlock this post?

Are you sure want to cancel subscription?

Account Activation