
How to Protect Your Critical Provider Endpoints

Bob Satyal, Security Officer, Med Tech Solutions

April 6, 2022

If there’s one thing that IT systems in a healthcare setting need to do, it’s to make sure that physicians and other providers can safely and effectively care for patients.

The electronic health record (EHR) systems used by these providers have improved the delivery of care with more complete patient records, reduced prescribing errors, and improved diagnoses and preventive care. In addition, data analytics and medication tracking bring new efficiencies and opportunities that were just not possible with the paper-based charting of the past. However, this dependency on technology also creates a potential patient-safety issue if the device running a critical application such as an EHR becomes unusable. Delayed patient care due to a cyberattack can lead to poor outcomes or even loss of life.


That’s why protecting the endpoint devices that providers use – from tablets, laptops, or office computers to the workstations in patient rooms or nursing stations – is so critical.

Threats and penalties increase

Over the last few years, there has been an increase in the number of threat actors, phishing campaigns, and ransomware incidents that have disrupted the delivery of care. The Department of Health and Human Services (HHS) received reports of breaches from 578 healthcare organizations in 2021, impacting 41.45 million individuals.

Beyond the impact to patient care when providers can’t access their systems, there are also significant financial impacts. Those range from ransomware costs that can reach hundreds of thousands of dollars to downtime costs that add five to ten times that amount. Potential fines for a breach are not insignificant either. HHS has established four penalty tiers for failure to protect PHI:

  • First Tier: $100-$50,000 per incident (up to $1.5M)
  • Second Tier: $1,000-$50,000 (up to $1.5M)
  • Third Tier: $10,000-$50,000 per incident (up to $1.5M)
  • Fourth Tier: at least $50,000 per incident (up to $1.5M)

These are all key reasons why it is critical to use the right security strategies to protect the provider endpoint.

 

The importance of endpoint detection and response (EDR)

To be clear, many EHR software vendors have administrative and technical safeguards built into their applications, including lockouts and complex password policies and even logging. However, EHRs do not address the security of the underlying operating system on endpoints where the software runs.


Malware today is polymorphic, meaning it can change rapidly to avoid detection and, in turn, open the door to a ransomware attack. This makes it critical to protect the endpoint with technology that can address these sophisticated, fast-changing strains of malware.

One of the best defenses is the use of endpoint detection and response (EDR). EDR detects malware and ransomware attacks in real time, using artificial intelligence and the cloud to detect anomalies such as fast-changing polymorphic malware. The EDR software then contains, tests, and eliminates the malware to protect the endpoint device. This stops the breach at the endpoint, which in turn stops the malware from spreading throughout your network. That means physicians and other providers can continue to care for patients without interruption, and the full array of business and clinical systems they depend on is also protected.


Windows Virtual Desktop Technologies

Another strategy to protect the physician endpoint is to use a Windows virtual desktop, in which the Windows operating system runs on a host server in the cloud or in a secure datacenter. This allows physicians to access their EHR and patient records using a minimal endpoint device and secure connection wherever they are – in the clinic, from home, or on the road. Providers get all the benefits of security in the cloud while minimizing the risk that might be present with storing data on a local PC or laptop.


For example, if a physician’s laptop were stolen, there would be no patient data stored on the machine since data is accessed remotely. The physician could connect from another device and resume work without fear their data has been compromised or that they may face a fine for a breach.

In addition to the increased security, a Windows virtual desktop also offers potential cost savings. Since the computer processing is done on a remote server, it doesn’t require as powerful a machine to run applications such as the EHR. The virtual desktop can also be deployed relatively quickly and facilitate secure remote access.

 

Discover the best approach to protecting your provider endpoints

EHR and other digital technologies have revolutionized the delivery of care, which makes it even more critical to give top priority to securing the physician endpoint. EDR and virtual desktop technologies can be used as part of an overall security strategy to prevent breaches, protect patient data, and minimize the risk of fines. Contact us to explore your options!