As the digital healthcare landscape transforms for the better, the risk of cybersecurity threats and phishing attacks is also increasing. Electronic Medical Records (EMR) software systems and other solutions such as patient portals have many benefits for both providers and patients; however, they have also exposed data to cybersecurity risks. To lower the risk of cyber-attacks, it is crucial for healthcare organizations to implement a powerful cybersecurity training program that instills a culture of cybersecurity among employees.
How Northwell Health keeps its cybersecurity training and awareness program running
The New York health system Northwell Health prioritizes cybersecurity by running a proactive and robust training and awareness program for its staff members. The health system has more than 81,000 employees, who receive security guidance and training regularly. This helps to ensure that the best cybersecurity protocols are followed to protect patient health information.
The cybersecurity training helps people working at Northwell Health understand what the risks and threats are and how they can protect their personal health information from being targeted.
The importance of security training and awareness
A survey by the Center for Generational Kinetics (CGK) released in March 2022 revealed that poor password hygiene left healthcare organizations vulnerable to cyber-attacks, especially as the pandemic promoted remote working structures. 65% of the survey respondents disclosed using simple, easy-to-remember passwords rather than selecting powerful password combinations.
A 2022 report by KnowBe4 found that regular security and training programs can reduce the chances of a phishing attack. Every person in the workforce must understand the importance of security training and use this awareness to reduce the possibility of a cyber-attack, thereby participating actively in protecting information.
Northwell Health has established a training program that is not one-size-fits-all. It is important to create a targeted and engaging program.
Targeted content for different personnel in the workforce
Northwell Health’s workforce has different responsibilities and roles. The program is designed to target different audiences using different approaches. The training materials range from formal training sessions to casual newsletters. Specific training is given to new employees, people working in IT, and employees dealing with finances.
The departments in the healthcare system that use wire transfers go through targeted training, as they are more vulnerable to some types of phishing attacks.
A variety of cybersecurity content has been produced for different workforce members so that the training programs run by Northwell Health deliver the greatest value.
Make security training engaging for employees
To keep employees engaged and ensure the program looks interesting, the health system uses animation, videos, and infographics. The entertaining video series helps to keep the workforce engaged and also conveys crucial information.
The health system has also given its workforce of clinicians and other members stress balls with information about phishing. There is also a calendar that displays the different cybersecurity topics to be discussed every month.
Northwell’s security plan has been a success
Northwell Health has succeeded in keeping its employees informed about security in different ways. Adding an element of entertainment to its training program has helped keep employees involved in cybersecurity training.
Other healthcare organizations can develop their training programs in a similar way. However, the most important thing is to gather feedback and tracking data to assess the effectiveness of an organization’s security program. Cybersecurity training is a continual process: it is a journey of learning about the latest threats and staying protected from them.