2. Assess risk management plans to make sure that measures to reduce vulnerabilities identified. Adopt
            the  best  practices  used  in  healthcare.  It’s  a  must  to  use  unique  IDs,  strong  passwords,  role-based
            permissions, auto time-out and screen lock.

            3.  Compare  HIPAA  and  other  cyber-related  policies  and  procedures  against  legal  and  regulatory
            obligations, and ensure they are updated based on the results of your most recent risk analysis.

            4. Expect the unexpected. Prepare safety incident response plans that meet HIPAA requirements and
            other applicable laws for your business to be ready to respond to a possible data breach. Besides, leave
            some room in your strategy for the unexpected. This could include everything from hacker attacks to
            natural disasters, threatening your healthcare records, and other vital assets.

            5. Create backups and develop a recovery plan. While creating backups seems like a common-sense
            thing, it can be missed in a small practice environment. Ensure that the medium used to store your backup
            data is safe and cannot be wiped out by an attack that would take down your office systems.

            6. Make additional investments in people, processes, technology, and management. Defending digital
            assets can no longer be delegated solely to the IT staff. Instead, security planning needs to be blended
            into new product and service, security, development plans, and business initiatives.

            You can't afford to neglect cyber security or compliance. That is why it is critical to match them together
            in a secure network that protects your patients and your reputation.






            About the Author

            From 2017 as a CTO at Zfort Group, Andrew Mikhailov concentrates on
            growing the company into the areas of modern technologies like Artificial
            Intelligence,  BigData,  and  IoT.  Being  a  CTO,  Andrew  doesn’t  give  up
            programming himself because it is critical for some of the projects Andrew
            curates as a CTO.



            Andrew      LinkedIn:      https://www.linkedin.com/in/andrew-mikhailov-
            66571912/

            Contact Andrew: [email protected]














            Cyber Defense eMagazine – August 2020 Edition                                                                                                                                                                                                                        108
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.