In the health care industry, October is perhaps most commonly identified with Breast Cancer Awareness. Certainly it’s a topic worthy of laboratory sector attention given the industry’s role via BRCA testing in identifying breast cancer risk. But the month also serves as an opportunity to draw awareness to some non-diagnostic issues less often discussed among laboratorians and pathologists but which can still impact operations. October is also National Cyber Security Awareness Month, sponsored by the Department of Homeland Security and the National Cyber Security Awareness Alliance. The issue of cyber security affects all industries and businesses but none more than the keepers of sensitive health information— health care providers such as laboratories and pathology groups who gather increasing amounts of data and are being challenged to improve health care delivery with increased interoperability and data sharing. Noting that technology has “spearheaded advancements in healthcare” and other industries, the Department of Homeland Security’s web site cautions that no industry is “immune to cyber risks” and because we are so dependent on “critical infrastructure and the digital technology that operates it,” cyber security is critical and “cyber security is a shared responsibility.”
Cyber Security to do: This month, review your information security programs, policies and procedures for gaps. Develop and implement training to keep information security in the front of everyone’s minds. Reiterate the importance of using strong passwords and changing them frequently. Remind all those using your systems to take care with suspicious emails, avoid phishing traps and be careful with the sites they visit if you allow them to use work-related devices for personal use. Protecting your lab and your patients from cyber crime is required by HIPAA (see Page 1 for more information about HIPAA enforcement) and other federal and state laws. But it’s also important for protecting your employees and your business operations as well.