Close Print View Issue

Go phish-Cybercriminals aren't playing games

Cybercriminals are ruthless and have one goal: to access your personal information and bank accounts. Some of the most high-profile cybersecurity breaches (i.e., Target and Sony) began with phishing emails, and although EMHS is not a large, global company, we are not immune. Last year, several EMHS employees fell victim to a phishing scam in which their money was stolen and personal information was compromised. This is why EMHS has teamed up with one of the nation’s leading experts in cyber threats to help educate employees on how to be safe online. EMHS IS Security recently launched the Security Awareness Program to help you recognize the work of a cybercriminal—here is what you can expect:

  • Simulated attacks and vulnerability assessments
    • Employees will learn to spot the different cybercriminal traps commonly found in phishing emails and spear phishing attacks.
  • Education
    • Employees will be asked to complete 10 to 15 minute, interactive, online training modules to learn about secure online behavior to protect sensitive information.
  • Tips and tricks
    • Employees will receive emails twice a month full of relevant, practical cybersecurity information for home and work.

CyberSecurity-REMEMBER.jpgAs healthcare personnel, it is up to every EMHS employee to be especially vigilant and watchful of potential attacks. In 2015, according U.S. Department of Health and Human Services’ Office for Civil Rights, there were 253 healthcare breaches that affected 500 individuals or more with a combined loss of more than 112 million patient records. Glenn Martin, Esq., EMHS senior vice president and general counsel, and chair of EMHS Security Governance, says that the key to protecting employees and patients alike starts with training staff. He shares, “Phishing is one of the easiest ways cybercriminals can steal a patient’s medical identity and protected health information. As healthcare providers, we have a legal duty to protect patient information from unauthorized access, whether malicious or unintentional, by both insiders and hackers. Prevention is a top priority for EMHS and that effort begins with educating our employees.”

If you have questions about the program or about cybersecurity, visit the IS Security portal, or contact IS Security directly at EMHScybersecurity@emhs.org.