Virginia hospitals develop new guidelines to protect against cyber threats

Posted at 1:15 PM, May 17, 2017
and last updated 2017-05-17 13:15:02-04

VIRGINIA  – Virginia hospitals have developed new guidelines to protect patients’ information after the recent global ransomware attack that hit at least 150 countries and infected 200,000 machines.

Virginia Hospital & Healthcare Association’s Board of Directors brought together a Cybersecurity Task Force to develop the set of guidelines.

The guidelines were finalized by the Task Force, which includes health care information security officers from hospitals and health systems across the Commonwealth.

  • The guidelines are a set of precautionary standards organized around three key principles:
    Educate all personnel during orientation and on an ongoing basis about safe, responsible use of computer systems to help avoid infiltration.
  • Develop and implement a prevention plan that operates automatically and is an integral part of a health system’s processes and security protocols.
  • In the event of a security breach, implement the established security incident response and continuity plan.

“For all the convenience and enhanced productivity that technology provides, it is an unfortunate reality of modern life that digital criminals are lurking online to turn technology against us for their own nefarious purposes,” said VHHA President and CEO Sean T. Connaughton. “The hospital community is one of many industries around the globe that is well aware of these threats. In Virginia, our hospitals and health systems remain on guard against potential breaches. Our members have done that by advocating for new laws to toughen criminal penalties for cyberattacks targeting health care records, and by working collaboratively to prepare the new cybersecurity guidelines.”

The Task Force developed recommendations based on the current state of affairs and will update the guidelines as appropriate to respond to new developments, safety protocols and emerging threats.