FQHCs Prepare for National Cybersecurity Awareness Month

Posted on October 1, 2023October 26, 2023

FQHCs are faced with an ever-shifting cybersecurity landscape due to emerging technologies and shifting internal and cloud vulnerabilities. Adding to this are regulations designed to keep pace as well as the data (health and personally identifiable) that live through their systems. The U.S. federal government has designated October as National Cybersecurity Awareness Month (NCSAM). AAFCPAs advises that clients take this opportunity to reflect on potential risks and exposures while investigating ways to better secure business and critical infrastructure.

Where To Focus

Healthcare organizations are held to higher standards of accountability given their role in securing highly sensitive electronic medical records and clinical, claims, and administrative data. Beyond this, health centers depend on the same information systems to serve patients, deliver care, manage records and workflows, and coordinate referrals. With the rise in telemedicine, uptime has never been more critical in facilitating remote care.

NCSAM is a timely reminder to reassess privacy protections within legacy systems along with medical device security, email protocol, asset and network management including access, and cybersecurity policies. AAFCPAs also advises that healthcare clients refresh cybersecurity training and incident response plans to ensure alignment with the current threat landscape. Ask yourself, are the latest software updates in place? How strong are system controls? Is system access limited to only those requiring it? How frequently do we conduct cybersecurity training and education with clinical staff? When did we last perform a routine risk assessment? When did we last review and test our Incident Response Plan (IRP) and Business Continuity Plan (BCP)?

Download our IT and Cybersecurity Health Check. >>

Clients are encouraged to utilize this resource in discussions with your IT services group and as part of a more comprehensive Enterprise Risk Management Program.

How We Help

AAFCPAs works with clients to identify cybersecurity risks before they affect patient care. We conduct comprehensive IT/cybersecurity assessments and provide recommendations to seal exposures. Routine assessments can help organizations remain in full compliance with changing regulations, avert costly litigation, and maintain your trusted reputation.

If you have questions, please contact James Jumes, MBA, M.Ed., Partner, Business Process & IT Consulting at 774.512.4062 or jjumes@nullaafcpa.com, Vassilis Kontoglis, Partner, Analytics, Automation & IT Security at 774.512.4069 or vkontoglis@nullaafcpa.com—or your AAFCPAs Partner.

About the Authors

Vassilis Kontoglis

Vassilis has 20+ years’ proven experience providing business intelligence, productivity, information risk management, and cybersecurity solutions. He is a critical resource in keeping clients and the firm on the forefront of transformative technologies while mitigating risks that come along with these advancements. Vassilis leads the delivery of Robotic Process Automation solutions at AAFCPAs. He understands the unique requirements to achieve RPA success, including proper design, planning, implementation, and governance. He works collaboratively with clients and cross-functional …

James Jumes, MBA, M.Ed.

James joined AAFCPAs in 2013 to lead the firm’s Business Process & IT Consulting practice. He leads a team of senior technologist in the delivery of solutions related to business intelligence & productivity, information risk management and cybersecurity, and special IT attestations, compliance, and certifications. His goal is to strengthen the links between people, process, and technology, which increases productivity and drives business growth. James has more than 30 years of experience working with information technology …

Related Insights

Safeguarding Against Holiday Season Phishing and Cyber Threats

AAFCPAs would like to remind clients that the period between Thanksgiving and New Year’s is a prime time for phishing and other malicious cyberattacks. Cybercriminals take advantage of increased internet shopping, debit/credit card use, and the influx of holiday offers to deceive individuals into disclosing sensitive information. Now more than ever, vigilance is required in […]

October is Cybersecurity Awareness Month. Are You Prepared?

Cybersecurity Awareness Month is observed in October in the United States to raise awareness about the importance of protecting digital systems and data from cyber threats. As of the third quarter of 2024, there were over 2,000 reported data breaches affecting an estimated 1.3 billion individuals globally with major breaches affecting companies like UnitedHealth, Snowflake, […]

Fidelity E-Delivery Initiative Spurs a Surge of Phishing Scams

Last week, AAF Wealth Management informed clients about an upcoming outreach effort by Fidelity Investments and cautioned them of an increase in phishing scams as a result. During the week of September 16, Fidelity begins an email campaign to encourage clients to switch from paper copies to electronic delivery of all documents. This affects investors […]