Issue link: https://beckershealthcare.uberflip.com/i/1383677
81 CIO / HEALTH IT World Password Day: 10 tips and insights for hospital leaders By Hannah Mitchell I n honor of World Password Day on May 6, Becker's Hospital Review compiled tips and insights to make passwords strong. Ten tips and insights for hospital leaders: 1. e FBI said that simple passwords, even those with special characters, are easy for a cyberattacker to figure out. 2. e FBI suggests that instead of using short and complex passwords, use long passwords that combine multiple words. e FBI gave the example "TechTuesday- 2021Strenghten!" 3. e FBI suggests that your email, fi- nancial and health accounts have unique passwords and that they are as long as your system will allow. 4. Always set up multifactor authentication on your accounts when it is offered and do not allow password hints. 5. e FBI and Cybersecurity and Infra- structure Security Agency recommend that healthcare leaders should regular- ly review the organization's password management program. 6. A hospital's IT support team should set standard operating procedures for password resets of user account lockouts. 7. Researchers found that the most com- mon password for healthcare employees is "123456." 8. Aside from sequential numbers, the two most common passwords from employees worldwide are "qwerty" and "password." 9. In a survey, 44 percent of respondents said they reuse passwords between work and personal accounts. 10. Fiy-seven percent of survey respon- dents said they save their passwords on sticky notes. n Healthcare hackers demand $4.6M in ransom on average + 6 other report findings By Hannah Mitchell A s healthcare data breaches are surging, so are ransom demands, with hackers asking for $4.6 million on average, according to an April 29 report published by BakerHostetler. The report examines 1,250 data security incidents in 2020 to identify cybersecurity trends. Seven reportfindings: 1. Fifty-eight percent of data breaches were caused by network intru- sion, displacing phishing (24 percent), which held the top spot for the five previous years. 2. One in 5 data breaches were in the healthcare sector, compared to 23 per- cent in the education sector, 11 percent in manufacturing, 10 percent in fi- nance and 10 percent in business services. 3. The average initial ransom demanded in the healthcare industry by threat actors is $4,583,090. 4. The largest ransom demand in 2020 for all sectors was more than $65 mil- lion, compared to $18 million in 2019. 5. The largest ransom paid in 2020 for all sectors was $15 million, tripling the highest ransom payment of $5 million in 2019. 6. The average ransom paid by healthcare companies was $910,335. 7. The average number of individuals affected by a breach was 39,180. n KLAS: Most providers feel prepared for new info blocking rules, but unsure if they'll improve interoperability By Jackie Drees M ost larger healthcare orga- nizations are prepared for ONC's information block- ing rules, but not as many hospitals and health systems feel confident that the regulations will support any improvements to healthcare in- teroperability, according to a KLAS Research report. For its Information Blocking Flash In- sights 2021 Report, KLAS surveyed healthcare organizations to get their opinions on preparedness for the new rules, which went into effect April 5. Here's what respondents said about their organization's level of pre- paredness for the information block- ing requirements: • Very prepared: 21 percent • Prepared: 50 percent • Neutral: 17 percent • Unprepared: 7 percent • Very unprepared: 5 percent Most providers expressed confidence in their EHR vendor's ability to meet the rule requirements, with 45 respon- dents saying they were very confident or confident, followed by 10 who were doubtful or very doubtful. n