Cybersecurity in Nurse Triage and Telehealth

The consensus within the healthcare sector is that most organizations do not have adequate cybersecurity. But improving it doesn’t have to be difficult, and it is well worth your time to safeguard the health and data of your patients, your finances, and your reputation. Read on to learn about cybersecurity best practices, the basic steps your organization can take, and more.


Best Practices

Here are the main areas we recommend focusing on first, with an emphasis on physical safeguards and data security.

Article: Cybersecurity Best Practices for Healthcare, Telehealth, and Nurse Triage

Article: Physical Safeguards Your Cybersecurity Needs to Protect Patient Data in Telehealth

Article: Letter From the CTO: The Latest Nurse Triage Tech Integrates Healthcare Data and Enhances Its Security

Video: Cybersecurity Best Practices for Healthcare, Telehealth, and Nurse Triage

 

Cybersecurity Basics

While geared toward small businesses, this ebook and quiz from the FTC outlines the basic essentials of cyber resilience that all healthcare organizations would do well to adopt.

Ebook: Cybersecurity Basics

Quiz: Cybersecurity

 

Medical Call Centers

Learn how your medical call center can improve policies surrounding telephone nurse triage and patient health data to make them more secure.

Article: Cybersecurity: How to Safeguard Your Medical Call Center

Learning Center: Cybersecurity Best Practices for Healthcare, Telehealth, and Nurse Triage

 

Vulnerabilities

Becker’s Health IT discusses the main points of entry that hackers use to exploit healthcare networks.

Article: 6 vulnerability points hackers target in hospital cyberattacks

 

TriageLogic’s Cybersecurity

Employees and Users

TriageLogic has a formal HIPAA Security and Compliance training program. All employees are required to complete it and pass an exam to demonstrate their knowledge. We also perform an annual detailed HIPAA Risk Assessment, based on concepts and processes described in NIST Special Publication (SP) 800-30 Revision 1.

Data Centers

TriageLogic’s call center software platform is hosted in enterprise-class data centers. All systems are fully redundant across two data centers, one in Tampa and one in Atlanta. Both are SSAE-16 SOC1 and SOC2 certified, as well as HIPAA and PCI compliant. They’re also backed up regularly and patched quarterly.

Network

Networks in both data centers are protected by managed Juniper/Cisco firewalls. Network traffic is encrypted with SSL encryption. The network and servers are also monitored by a Security Information and Event Management (SIEM) platform and Intrusion Detection System (IDS), operating 24/7 in the Security Operations Center (SOC).

Applications and Data

TriageLogic captures the least amount of ePHI required to provide effective triage information to patients and their providers. Data is encrypted during transit and at rest. Patient data is only stored on database servers and never on workstations or mobile devices. Multi-factor authentication (MFA) is required in order to access the data and applications in the software platform. If a provider requests that TriageLogic send patient information to them, it will only be provided over a secure connection. The applications are regularly scanned for vulnerabilities and misconfigurations, and undergo automated penetration testing.

End User Requirements

TriageLogic software requires a fast internet connection and is built and tested using up-to-date Chrome and Edge Chromium browsers.