2022 Security and Compliance

As 2022 unfolds, the security and compliance threats to organizations and healthcare practices look a lot like a repeat of 2021: more ransomware threats, recycled old scams, and new flaws to exploit.

Where should your focus be regarding 2022 security and compliance, and what are the best 2022 healthcare security tips to protect your organization?  

2022 Security and Compliance Tips, Threats, and Trends – Ransomware on Repeat, Questionable QRs

If Ben Franklin were alive today, he’d likely amend his famous adage to, “…nothing is certain except death and taxes and ransomware.” From January 1 to February 18, 2022, the U.S. Department of Health and Human Services Office for Civil Rights Breach Portal (aka, the Wall of Shame) received reports of 52 hacking incidents. That is nearly double the 27 incidents reported during the same period in 2021.

In fact, ransomware is expected to surpass phishing attacks as the leading cause of all data breaches in 2022, according to an Identity Theft Resource Center report.

While the Coinbase floating QR code ad during the Super Bowl worked as hoped (except perhaps the part where web traffic crashed their servers), it also highlights the potential threat of malicious QR codes raised by the FBI in January.

Bad actors are leveraging the pandemic-fueled resurgence in the use of QR codes to redirect unsuspecting users to malicious websites in ways that can bypass conventional email security procedures.

In a video produced before Coinbase’s ad aired, Pax8’s Senior Director of Security and Compliance Matt Lee demonstrated how a legitimate restaurant QR code could be created and replaced in less than three minutes.

2022 Security and Compliance Tips, Threats, and Trends – Build from the Inside

As external cybersecurity threats grow, your workforce can be your greatest vulnerability or a vital part of your security. It all depends upon what kind of security culture you create within your organization. 

Another 2022 healthcare security tip is regular education and training to raise awareness of the potential threats and of how harmless they can appear at first. This could include mock phishing and ransomware attacks on your systems.

Because of the regulations and rules regarding privacy and security, HIPAA compliance can be the cornerstone of building a culture that incorporates security awareness as part of everyday operations.

2022 Security and Compliance Tips, Threats, and Trends – Zero (Trust) is a Hero

Another foundational principle for your culture of compliance and security is Zero Trust. The term is used widely in information security circles, but what is it, and how can it protect your business? 

Simply put, Zero Trust requires that you operate with a mindset that every request for data or access to your network or systems is a threat. That doesn’t mean you have to build aluminum foil hats for your servers. It means that you must configure your security controls to distinguish legitimate users from those who would harm your clients and organization.

Zero Trust incorporates digital authentication and behavioral analysis tools to limit access to authorized users. Like HIPAA compliance, you can’t just buy it off the shelf and attach it to your system. Zero Trust must be a mindset within your organization’s security culture to be truly effective. 

Cybercriminals are constantly discovering new vulnerabilities and creating new threats to exploit them. Security is a journey, not a destination.

2022 Security and Compliance Tips, Threats, and Trends – MFA is A-OK

Digital identities and access control are two key things businesses can control to maintain security. Verification of those credentials has gone far beyond the days of a simple password. Threat actors can utilize social engineering attacks (phishing) or brute force attacks (guessing passwords).

Two- or Multi-f