In a recent blog, we explained Healthit.gov’s top 10 tips for healthcare facility cybersecurity. These tips were designed to assist smaller healthcare facilities such as optometrists, dentists, family physicians, etc. in gaining control of their electronic health records and preventing their patients’ data from falling into the wrong hands. Today, we are going to hone in on one of those tips. We will go into detail on the importance of having an industry standard firewall installed at your healthcare facility.
If your business is connected to the internet, you must have a firewall installed. There’s no going around it.
What does a firewall do?
A firewall’s purpose is to block external threats from entering a network. These threats could include malware, viruses, or criminal hackers. While virus software is also important to have, it is not enough. Antivirus takes care of threats that are already in the system, while firewalls stop threats from getting in at all. Healthit.gov gives the analogy of disease treatment (antivirus) vs. disease prevention (firewall). A firewall basically acts a filter that checks the information that is coming in and stops the information that it perceives as unsafe (according to a specific set of rules that a technician configures).
All industries and all businesses (large, medium, or small) need a firewall. However, the importance of data security is especially important in the healthcare industry, as more facilities are hacked and as the value of stolen health information rises. In an office, if a firewall is not in place, every computer that is connected to the network is vulnerable to anything that comes in.
The firewall that we sell at catmandu gives your business the following security features:
• Advanced email anti-spam and anti-phishing (when hosted on-site)
• Outbreak detection and mitigation for unknown threats
• Web filtering with rule-based and pattern-based definitions
• System and network monitoring with customizable alerts
• Web caching combines with web filtering to improve Internet browsing performance
• Targets and reduces: blended threats, spam, phishing, virii, spyware, undesired content
What are the options for firewalls?
A firewall can come in the form of a software program or a hardware device. Most operating systems have a software firewall that comes pre-installed. This firewall should definitely be enabled for protection right from the start. You can also opt to purchase a different type of software firewall if you want. While a software firewall might be good enough for a home office or personal computer, it won’t work for healthcare facilities. In fact, to be fully HIPAA compliant, you must have a physical firewall along with any software firewalls.
We have come across many healthcare facilities that aren’t aware that they need a firewall or they think they are already protected by the router that their internet service provider gave them. At catmandu, we sell our “Network Security Appliance” (NSA). It provides complete network protection that keeps malware, viruses, and intruders out. It is made-to-order and highly-configurable so you are protected in the areas that you need.
A hardware firewalls sits between the internet and the Local Area Network which allows for centralized management of the firewall, increased security, and uniform settings for all users.
How do I get started?
A hardware firewall needs to be installed and configured by a highly trained technician in order for it to work properly. It’s not like buying a laptop and booting it up for the first time. It is a complicated process. When we are installing your new firewall we will be setting up permissions. For example, the receptionists at your facility probably only need access to certain sites such as your email client and health insurance sites. We can set up their devices so they only have access to the sites they need. Your doctors probably need a lot more access but they still don’t need to go to some sites. We can set up their devices by allowing access to all sites except a few (especially those that are known to be unsafe). We can configure the firewall so that some devices have no internet access at all.
Once the firewall is ready to go and your business is protected, the information that goes through your firewall can be monitored. Threat notifications can be sent to your email. Or, if you sign up for a Managed Service Agreement, we monitor your network 24/7 and take care of issues before you even know about it.
To learn more and get started on protecting your valuable healthcare information, give us a call at 806-350-8324.