News and Information

Frightening Cybersecurity Risks in Healthcare Today

Female doctor with white lab coat and a blue stethoscope around her neck has her arms crossed and standing next to a table with an open laptop on it

Cybersecurity risks in the healthcare industry are becoming more and more prominent. In early October, a cyberattack hit CommonSpirit, the second largest U.S. nonprofit hospital chain, disrupting its medical services nationwide. In 2021, 45 million individuals were affected by healthcare attacks while breaches reached an all-time high of 679 that same year.

These aren’t just alarming statistics. They are a growing trend of cyberattacks that are hitting the nation’s healthcare systems big and small. Covid-19 forced us to use telemedicine and a remote workforce in ways that were untested for the security needed, opening more avenues for attacks.

A recent article by Healthcare Financial Management (HFMA) titled, Healthcare’s cybersecurity stakes reach alarming levels, talks about the risks that healthcare providers and systems face when it comes to cybercrime. It highlights the need for greater importance placed on cybersecurity and potential government assistance, but it comes down to putting an emphasis on what your facility can do about these attacks now.

Attacked from all Angles

When it comes to cyberattacks, there are no rules and they can come from many places. Currently, hospitals have multiple online. These can range from those used for direct patient care to patient payment portals. With remote workers constantly being connected to the internet, the most popular attacks are Remote Desktop Protocol attacks, phishing emails and software vulnerabilities. Cyberattacks can also come through third party vendors that have access to your data and networks. How do you protect your system from an attack you have no control over?

When it comes to your vendor partners and cybersecurity risks, you must have faith they are doing everything in their power to protect the data you entrust them with.

Who to Trust

When you are looking for an outside partner, it is important to know that they take cybersecurity seriously. Early Out and Bad Debt Collections touch sensitive patient data every day, offering cybercriminals a variety of inroads to your information. Each of these touchpoints must be protected, and one of the ways you can minimize cybersecurity risk is by asking your potential partners what precautions they are taking with your data. One measure you can ask about, is whether they are HITRUST CSF® Certified, which Americollect proudly is!

Trust HITRUST

Founded in 2007, HITRUST has championed programs, like Americollect, that safeguard sensitive information and manage information risk. HITRUST develops, maintains and provides access to its widely adopted common risk and compliance management frameworks, related assessments and assurance methodologies.

Americollect HITRUST Certified

Americollect has once again gone through the rigorous process to become HITRUST certified for the third straight year. The HITRUST CSF® Certification applies to Americollect’s Debt Collection System, SFTP server, and the Americollect network and infrastructure environment, which serves both AmeriEBO and Americollect in Early Out and Bad Debt Collections. It also helps mitigate cybersecurity risk that providers face when supplying data to their vendors. This certification validates the expertise and professionalism of the Americollect employees who strive to uphold the highest levels of privacy, security and compliance measures, all while being Ridiculously Nice.

Trust Americollect

Receiving the HITRUST CSF® Certification status shows that an organization has met key regulations and industry-defined requirements while appropriately managing risk. This achievement places Americollect in an elite group of organizations worldwide that have earned this certification. The HITRUST CSF® was developed to address the multitude of security, privacy, and regulatory challenges facing organizations, including cybersecurity risks in healthcare. By including federal and state regulations, standards, and frameworks, and incorporating a risk-based approach, the HITRUST CSF® gives organizations a comprehensive and flexible framework of prescriptive and scalable security controls.

Where Does This Leave Us?

Cyberattacks are on the rise in the healthcare field, and there’s no sign it is going to slow down. In fact, if anything it’s ramping. Attacks can come from anywhere but knowing your third party vendors, like Americollect, are going above and beyond to ensure the safety of your data, is important to us and that is Ridiculously Nice. Contact us today to find out what Americollect is doing to protect your data every step of the way.

Ridiculously Nice Legal Disclaimer

The content provided in this communication (“Content”) is presented for educational and general reference purposes only. Americollect, Inc and/or AmeriEBO LLC either directly or indirectly through speakers, independent contractors, or employees (collectively referred to as “Americollect”) is providing this Content as a courtesy to be used for informational purposes only. The Contents are not intended to serve as legal or other advice. Americollect does not represent or warrant that the Content is accurate, complete, or current for any specific or particular purpose or application. This information is not intended to be a full and exhaustive explanation of the law in any area, nor should it be used to replace the advice of your own legal counsel. By using the Content in any way, whether or not authorized, the user assumes all risk and hereby releases Americollect from any liability associated with the Content.

Join our mailing list

Sign up to receive email updates on current information impacting the healthcare field and revenue cycle.