Project Description

Healthcare hacks grow – 4 steps for better cybersecurity


Nowadays computer systems are a key factor for any business to be successful. However, it’s been a tough time for cybersecurity professionals in healthcare. Many healthcare organisations have suffered ransomware attacks (with an increase in frequency post pandemic). Critically, the attacks’ impact reached beyond finance and operations, to affect clinical care. These challenges forced many companies into moving their service to cloud-based software, as well as add infrastructure to prevent further security threats or operation disruption.

At CodeBlue, we helped our healthcare customers upgrade their existing computing environment, consult on new security solutions and provided cybersecurity awareness training to employees. Here are 4 practices CodeBlue suggests for better healthcare IT security.

Phat Truong – Senior System Engineer

Risk assessment

It is important that all providers and practitioners take the time to evaluate the risks associated with their practice. There are many things to consider including:

  • Whether you have a risk management plan in place?
  • Have you talked to your insurance company about coverage for certain scenarios – such as a security attack or data loss?
  • Do you have a patient privacy policy in place?
  • Do you have an emergency plan, should something go wrong during a security attack or system failure?

The most important undertaking is to evaluate the risks associated with your healthcare practice.

Ensure HIPAA compliance

The HIPAA Security Rule doesn’t require email archiving. It does require that covered entities (such as health systems and healthcare providers) keep electronic records for at least 6 years.

For electronic health information to be secure and compliant with this rule, it is necessary for access, audit and encryption controls to be in place. Email archiving or secured messaging can ensure that this requirement is met.

Embrace a threat-centric approach

Cybersecurity is a rapidly evolving field with new threats emerging every day. Threat-centric or threat-informed approaches can help organisations better understand the risks and stay ahead of attackers.

Similar to building cyber resilience, taking a threat-centric (or threat-informed) approach to cybersecurity assumes threats exist and pose a real risk to an organisation. This approach has three general components:

  • Modelling monitors, systems and devices to identify vulnerabilities.
  • Hunting actively for endpoints that could be exploited.
  • Gathering intelligence through a combination of commercial, open-source and government threat feeds.

By taking this approach, organisations are much better equipped to respond to threats and reduce their vulnerabilities.

Adopt zero trust security

The typical healthcare organisation has a lot of people outside of the company providing services. This may include physicians, facility workers, and a range of third-party partners.

This makes the zero trust security model more vital. It means that you can’t trust any user or device until it’s verified. Solutions such as identity governance and administration (IGA), privileged access management (PAM), and multi-factor authentication (MFA) help ensure the right users have access to the right systems, at the right time. Users cannot access what they don’t need to do their job.

Want to learn more about the specific strategies CodeBlue uses to protect healthcare clients? Reach out at