With phishing attempts emerging as a key part of most cyber attacks, the IT leadership of one hospital built cyber security education into the healthcare compliance strategy.
Today, phishing awareness has never been more important. With over 90 percent of cyber attacks originating in a phishing email to an unsuspecting victim, IT leaders are challenged to keep cyber criminals out of critical systems. This is especially true for hospitals and healthcare facilities bound by HIPAA and other regulations developed to safeguard patients, residents, and stakeholders.
Located in Bellefontaine, Ohio, Mary Rutan Health serves the healthcare needs of the local region. Multiple expansions have occurred during the organization’s 100-plus-year history and each time the organization increased services offered to the community.
In operation since 1919, Mary Rutan is a general medical-surgical hospital dedicated to providing high-quality patient care. Inspired by this dedication to care, the organization has prioritized the safety and privacy of patients, employees, and stakeholders with achievement goals in cyber security selecting BlueOrange as their healthcare compliance partner.
“It’s been incremental over the past four years,” says Mary Rutan Health IT Director and HIPAA Security Officer, Robert Reynolds. “We’ve been working with BlueOrange and we have seen steady improvement. BlueOrange helped guide us and let us know where the specific priority should be each year and kept us going.”
In addition to their guidance and expertise, Reyolds and his team have appreciated the way BlueOrange has kept the organization informed of ongoing trends, security incidents, vulnerabilities, and other key cyber security issues in real time through the BlueOrange Compliance Security Alert System.
Phishing Awareness Through Education
Security alerts are sent automatically to BlueOrange customers when a new potential threat is detected. It is a system created to keep businesses aware of new cyber security threats and it helps to increase phishing awareness.
“The effort to educate staff has been perhaps one of the biggest benefits of BlueOrange,” says Reynolds. “When we receive one of the security alerts, we send them to the staff to help boost employee education. Particularly when it comes to phishing and malware because no amount of money that we spend on cyber security matters if a member of our staff clicks the wrong link and a cyber criminal gets through. That’s the kind of message that we keep repeating. BlueOrange has helped us formulate that message, and we promote it throughout our organization. That’s been really positive.”
With BlueOrange Compliance Alerts, Reynolds and the rest of his team at Mary Rutan Health are able to keep employees and other stakeholders informed, giving everyone a personal stake in online safety, both at work and in their everyday lives.
“The security alerts let us know if a malware variant or specific attack vector is propagating and increasing,” says Reynolds. “Once we have the information, we will send out a warning to everybody. It has been very well received. Not only is it in the employees’ best interest to keep Mary Rutan Health safe, but they need to learn these things to keep themselves safe at home. We make it personal to them and keep it top of mind every day for their online banking, credit card use online, anything. It’s important to pay attention to protect yourself, and it resonates for everyone.”
To learn more about phishing awareness and the other key strategies employed by Reynolds and his team, access the full Mary Rutan Health Cyber Security & Compliance Spotlight from BlueOrange Compliance.
