Hospitals & Internet Access Control

June 5, 2018HIPAA News0

Before talking about how to limit Internet access in hospitals, it might be a good idea to discuss why Internet access control for hospitals is considered vital. Mainly, the implementation of an Internet filter for hospitals addresses the risk of a cyberattack by blocking access to web pages that are likely to include malware.

There are many different sorts of malware in circulation – most of which are placed on websites that appear harmless. However, where hackers have been able to exploit a flaw on a website and install malware, it is then very simple for the infection to be downloaded onto an unsuspecting visitor’s computer – and spread throughout an group’s network.

The main fear for many healthcare groups is the installation of surveillance software or spyware. Once this specific type of malware has been installed on an individual´s device, every keystroke can be recorded – supplying hackers with access to usernames and passwords that can then lead to a breach of Protected Health Information (PHI).

With the configuration of Internet access control for hospitals, the danger of malware being downloaded onto a user´s device is mitigated. Due to this, knowing how to restrict Internet access in hospitals enhances the hospital´s security posture by adding an extra layer of defense against hacking.

The Department of Health and Human Services has recently released new guidance for covered groups on ransomware. In most of cases, ransomware infections are considered to be HIPAA breaches. Covered groups are required to implement controls to reduce the risk of ransomware infections as much as is possible. Internet access control stops end users from visiting websites containing exploit kits that download ransomware including Locky. Controlling access to the Internet is therefore a vital aspect of HIPAA compliance.

Internet Filters for Hospitals Explained

An Internet filter for hospitals works by applying a set of guidelines. The guidelines inform the filter what sort of web content a network user can access and which web pages should be tackled. To save time in compiling the guidelines, lists of websites known to be releasing malware – known as “blacklists” – can be loaded directly onto the filter to supply immediate Internet access control for hospitals.

Thereafter, whenever a member of staff, a patient or a hospital visitor requests access to a website by typing in a URL or by visiting a link, the filter checks the address against its guidelines to determine whether or not access should be permitted. Internet access control for hospitals effectively stops recipients of phishing emails from reaching the target website – thus avoiding the potential infection of their device.

Blacklists are updated often by the filter service provider as new websites sharing malware are identified. However, it can also be key to know how to restrict Internet access in hospitals manually in order to enforce acceptable usage policies, to improve productivity and to protect children and the vulnerable from exposure to inappropriate material.

The “fine-tuning” of an Internet access control for hospitals is completed by category blocking and keyword-based filtering. Using these tools, administrators can restrict access to specific categories of website or web pages including particular words. “Whitelists” can also be used to permit access to specific websites if there is a chance that they would be blocked by falling into a predefined category.

Hospitals & Internet Access Control for WiFi

Some larger healthcare groups have more than one Internet network because of bandwidth problems. Bandwidth issues can be resolved with Internet access control for hospitals simply by blocking video streaming sites like Netflix and You Tube or by setting bandwidth limits in the filter. For healthcare groups that supply a WiFi service, Internet access control for WiFi in hospitals is essential.

It has been well covered previously that malware exists that can infect a WiFi network. All it takes is for one user to click on an infected site, and the malware is not only downloaded on the user’s device, but also on the network. Anybody who then logs into the network will also have their device infected, and a hacker will be able to review the websites visited by that infected device as well as any passwords that are used.

The healthcare groups with more than one Internet network usually dedicate one for use by medical experts and the other for the benefit of patients and hospital visitors. The danger exists that an infection on one WiFi network could be transferred onto the other(s), with devastating results depending on the nature of the malware. Most certainly a hacker would spot a patient’s WiFi network as a means of finding a gateway into the network used by medical experts.

For this reason, Internet access control for WiFi in hospitals is vital when a WiFi network is present. Internet access control for WiFi in hospitals employs the same blacklists, category blocking and keyword-based filtering as “non-WiFi” Internet access control for hospitals in order to stop visitors accessing unsafe websites and inadvertently downloading infections and malware.

Enhancing Productivity with Internet Access Control for Hospitals

Unfiltered Internet access can seriously harm productivity. It has been calculated that a group with one thousand Internet users would lose around $35 million in productivity each year from just one hour of daily web surfing by employees. Unfortunately many organizations lose considerably more in productivity due to “cyber-slacking”!

A 2011 survey completed by International Data Corp found that 30% to 40% of workplace Internet access is spent on non-work related activities and that 25% of all unfiltered corporate Internet traffic was unlinked to work. The three main causes of lost productivity were pornography, online shopping and social media – three of the most commonly seen categories in an Internet filter for hospitals.

By restricting access to websites that distract employees from their work, productivity is likely to go up significantly. Additionally, Internet access control for hospitals can prevent HR problems from arising when an employee spend too much of their day watching videos or playing online games, or when they access inappropriate material that upsets colleagues working nearby.

Knowing how to limit Internet access in hospitals to stop HR problems also stops children and vulnerable persons from accidentally being exposed to inappropriate material. This could happen on a hospital ward in which patients are allowed Internet access on personal mobile devices or in a hospital waiting room when patients are waiting to be seen by a doctor.

Choosing an Internet Filter for Hospitals

When choosing an Internet filter for hospitals, there are a number of things to consider depending on the nature and size of the group and whether or not it provides a WiFi service – in which case Internet access control for WiFi in hospitals is vital. It is also recommended to review any risk assessments carried out in order to adhere with HIPAA that may identify vulnerabilities within a healthcare organization’s existing web security measures.

Ideally, Internet access control for hospitals should be easy to download, configure and maintain. As mentioned previously, your filter service provider should commit to keeping blacklists up-to-date, and they should also be responsible for any other software updates to make sure that your Internet filter for hospitals is working efficiently without latency or bandwidth problems.

In order to limit Internet access in hospitals and enforce acceptable use policies, the Internet filter for hospitals should have a high degree of granularity and be flexible enough to restrict access to certain categories of website by user-group and/or time. You may well also require customizable categories depending on the policies you wish to put in place and enforce.

Other factors you may want to mull over including reporting facilities – so that Internet access can be reviewed – and suitable APIs for backend integration. The Internet access control for hospitals may also have to support multi-language filtering if your medical clinic is located in a multi-cultural location and you should also have the option of hosting the web filtering solution within your own infrastructure if you would like to.

About Thomas Brown
Thomas Brown worked as a reporter for several years on ComplianceHome. Thomas a seasoned journalist with several years experience in the healthcare sector and has contributed to healthcare and information technology news publishers. Thomas has a particular interest in the application of healthcare information technology to better serve the interest of patients, including areas should has data protection and innovations such as telehealth.

Copyright © 2024 ComplianceHome