• Politics
  • Diversity, equity and inclusion
  • Financial Decision Making
  • Telehealth
  • Patient Experience
  • Leadership
  • Point of Care Tools
  • Product Solutions
  • Management
  • Technology
  • Healthcare Transformation
  • Data + Technology
  • Safer Hospitals
  • Business
  • Providers in Practice
  • Mergers and Acquisitions
  • AI & Data Analytics
  • Cybersecurity
  • Interoperability & EHRs
  • Medical Devices
  • Pop Health Tech
  • Precision Medicine
  • Virtual Care
  • Health equity

5 Email Security Tips Healthcare Employees Should Know

Article

Basic email security protocols can help health systems defend against data breaches.

email security,phishing healthcare,healthcare email

We rely on email for the majority of our business communication, including in healthcare. Worldwide, approximately 200 billion emails are sent each day. But the surge in popularity of email has brought about a new form of data security threat. Professionals are increasingly becoming targets of cyberattacks, and email is the preferred entry point.

>> READ: To Fight Phishing, Let’s Look at Fatigue

In hospitals and other provider organizations, email attacks have resulted in data breach after data breach. And these cyberattacks have wrought devastating consequences for healthcare organizations, who suffered monetary penalties and reputational harm.

However, there’s no need to lose sleep over email security. There are steps that healthcare organizations and their employees can take to ward off hackers and those looking to steal data by illegally accessing emails. Here are five quick tips to boost email security, for you or an entire health system staff.

Use a Strong Password

Guessing usernames and passwords is one of the most common ways hackers use to access email accounts, believe it or not, be it manually or in a brute-force attack. Creating a strong password, especially with a password generator, greatly reduces the possibility of hackers accessing an email account. Ideally, passwords should be long and unique — in the sense that nobody in the service uses the same password as you.

A strong password should consist of uppercase and lowercase letters with numbers and special characters. Placement is also key. Sandwich special characters in the middle instead of placing them at the very end. Do the opposite of what seems predictable — common sense goes a long way when it comes to passwords.

Healthcare employees should also consider using two-factor authentication to boost their email security. Two-factor authentication sends a secondary password to a user’s phone when logging in to their email account. The secondary password expires in a few minutes and can only be used one time. Even with the password in hand, hackers will not be able to access an email account if the owner has enabled two-factor authentication.

Use Email Encryption

In today’s cybersecurity landscape, it’s imperative to be proactive when it comes to data security. For instance, users should encrypt emails with a reliable encryption service such as Pretty Good Privacy (PGP) to protect them from being intercepted or being read by other parties other than the intended recipients. Using PGP to protect emails means that account holders no longer have to rely on a bunch of random servers for email security. While it’s still possible for hackers to breach email security even with encryption, the chance of a successful attack greatly reduces.

Activate Transport Layer Security (TLS)

Transport Layer Security, or TLS, encrypts the connection between a device and the website that it is connected to, as well as the connection between email servers. Activating TLS encrypts emails between a computer and email server, making it very difficult for hackers to intercept communications. Ensure that emails are sent over an encrypted channel when using external email clients such as Outlook or Apple Mail.

Don’t Click on Unknown Images and Links

Advertisers and newsletter providers often use images to track the reach and effectiveness of their efforts. The images come embedded with tracking code, and when the recipient opens the message containing the image, their identity is revealed to the mailing administrator. Sometimes, the images also contain links that lead to sites that contain malware. You can disable the tracking code by changing the settings in your email provider to prevent external images from loading by default. If you don’t recognize a link or are not sure why it was sent to you, don’t open it.

Be Wary of Attachments from Unknown Senders

Did you know that nine out of ten malware and viruses on our computers are delivered via email attachments? Well, now you do. Be extra careful when opening attachments in your email inbox. If you receive an email attachment from an unknown sender, don’t open it. If you have to, don’t open without thoroughly scanning it first. Hackers often disguise themselves as popular companies to trick you to open attachments and download malicious software to your computer. The most commonly infected formats are PDF, XLS, and doc.

Healthcare has more to lose than any other industry when it comes to email security. Ensuring that you and your health system employees understand — and use — these basic protocols can save the organization from great pain down the line.

Get the best insights in healthcare analytics directly to your inbox.

Related

If You Can’t Beat the Hackers, Join Them

Phishing Emails Play on Our Fear of Failure

Inexpensive Actions Against Expensive Data Breaches

Related Videos
Image: Ron Southwick, Chief Healthcare Executive
Related Content
Image credit: ©tippapatt - stock.adobe.com

Healthcare mergers may face more questions about cybersecurity

April 18th 2024
Article

In the wake of the Change Healthcare attack, regulators may look more closely at protections for data privacy as they examine deals, experts say.

The rise of third party cyberattacks in healthcare | Data Book podcast

The rise of third party cyberattacks in healthcare | Data Book podcast

March 11th 2024
Podcast

Dan Dodson, the CEO of Fortified Health Security, talks about the risks to hospitals, AI in attacks and defense, and what health systems can do to protect themselves.

Image credit: American Hospital Association

Change Healthcare cyberattack: Health leaders ask Congress for help with cybersecurity

April 17th 2024
Article

During a House panel hearing on the attack, hospital and health industry leaders urge lawmakers to help deal with attacks from ransomware groups.

Hospitals face evolving threats from cyberattacks | Data Book podcast

Hospitals face evolving threats from cyberattacks | Data Book podcast

December 7th 2023
Podcast

Michael Hamilton, founder and chief information security officer of Critical Insight, talks about trends in attacks and emerging threats in the coming year.

Image: Ron Southwick, Chief Healthcare Executive

Change Healthcare cyberattack: Lawsuits emerge, and more are coming

April 5th 2024
Article

Several suits have already been filed and others are expected due to the ransomware attack that has affected hospitals and providers nationwide.

Image: Ron Southwick, Chief Healthcare Executive

American Hospital Association CEO talks about Change Healthcare ransomware attack and cybersecurity

April 4th 2024
Article

Rick Pollack discussed the cyberattack and its ramifications at the Hospital + Healthcare Association of Pennsylvania Leadership Summit.

© 2024 MJH Life Sciences

All rights reserved.