Cybersecurity in the healthcare setting

Email Security

HIPAA

Physical Security

Network Security

Types of Cyberattacks

100

This is considered a top threat with email communication.

What is phishing?

(HIMSS,2023)

100

Physician practices, ambulatory surgical centers, hospitals, long-term care facilities, health plans, healthcare clearinghouses

What are covered entities under HIPAA?

(HIMSS, 2023)

100

The three main components of this are access control, surveillance, and testing

What is the physical security framework?

(Cobb, 2023)

100

Monitors incoming and outgoing traffic and allows or prevents the traffic from being transmitted

What is a Firewall?

(Cisco, 2023)

100

Links or attachments in emails contain malware intending to steal ones information

What is Phishing?

(Narasimman, 2023)

200

This is what phishing emails use to infect the files on a computer

What is malware?

(HIMSS,2023)

200

Sets forth permitted and required uses and disclosures of protected health information.

What is the HIPAA Privacy Rule?

(HIMSS, 2023)

200

Organizations may use ID scanners and Near Field Communication for entrance into secure areas

What is access control?

(Cobb, 2023)

200

Scans network traffic to actively block attacks

What are Intrusion Prevention Systems?

(Cisco, 2023)

200

Data is encrypted and money is demanded to decrypt the data. This may cause hospital machines to become inoperable

What is Ransomware?

(Narasimman, 2023)

300

This type of email usually includes a link that seems legitimate when in reality, it can lead to an attack on your computer

What is a phishing email?

(HHS 405 (d), 2023)

300

Sets forth requirements for electronic protected health information.

What is the HIPAA Security Rule?

(HIMSS, 2023)

300

This may lead to compromise of a computer or laptop

What is unauthorized physical access?

(HIMSS, 2023)

300

Encrypts the connection from an endpoint to a network

What is a Virtual Private Network (VPN)?

(Cisco, 2023)

300

Cybercriminals snoop on private user information during data transfers or discussions

What are man-in-the-middle (MITM) attacks?

(Narasimman, 2023)

400

How sensitive data being sent via email should be formatted

What is encryption?

(Daivs, 2021)

400

Requires HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information.

What is the HIPAA Breach Notification Rule?

(HIMSS, 2023)

400

One of the most important components of physical security for both prevention and post incident recovery

What is surveillance?

(Cobb, 2023)

400

Ensures staff does not send sensitive information outside the network

What is Data Loss Prevention?

(Cisco, 2023)

400

Cache poisoning, HTTPS spoofing, that target wired and wireless networks

What are network vulnerability attacks?

(Narasimman, 2023)

500

This group of people have been identified as the largest threat to healthcare with email being one method they use to cause problems

What are insiders?

(Daivs, 2021)

500

Records related to drug and alcohol abuse, HIV-related information, and the like.

What is super protected health information?

(HIMSS, 2023)

500

Log and trail maintenance, Risk-based approach, Accountable access control are examples of ...

What are physical security examples?

(Cobb, 2023)

500

Number one threat vector for a security breach

What is email?

(Cisco, 2023)

500

Cybercriminals disguises themselves as a legitimate user with the intention to deploy malware and obtain user information to commit crimes. Email and phone numbers are not stolen

What is Spoofing?

( Lenaerts-Bergmans , 2023)