
Protection from Malicious Software (164.308(a)(5)) and Compliance

Information Security Advisor, Ali Pabrai, CISSP, CSCS
Ali Pabrai is the chief executive of ecfirst.com. ecfirst.com is Exclusively Endorsed for its Training Solutions by the American Hospital Association (AHA).

Protection from Malicious Software is an implementation specification defined in the Security Awareness and Training Standard in the HIPAA Security Rule. To address this requirement, organizations must develop procedures for guarding against, detecting, and reporting malicious software.

The organization must develop procedures for timely application of system patches to protect against malicious software and exploitation of vulnerabilities. Typically, this requires organizations to ensure capabilities to detect and deter malicious software attacks (viruses, worms, Trojan horses) on both server systems and end-user computers. Timely and complete updates are vital to prevent threats in this area. Experience also shows that organizations should not forget to review their capabilities in this area for medical devices connected to the network.

Typically, healthcare organizations will conduct a comprehensive Risk Analysis to determine gaps in the readiness to prevent malicious software attacks. For more information or to get a complimentary policy template for Protection from Malicious Attacks, please contact Lorna.Waggoner@ecfirst.com or call her at 1.515.453.8247 x17.

 

 

Last updated: March 2, 2007