Cyber Security In The Healthcare Industry


Patient health information (PHI) security is top priority for organizations, and with good reason. Recent data shows that healthcare experiences twice the number of cyber attacks as any other industry. Healthcare cyber security is constantly evolving as patients and staff require access via mobile devices, while more traditional IT environments such as on-premise servers are now high-priority targets for malicious actors hoping to steal medical records and/or blackmail companies for access to their information. Enhance your security strategy to address your changing working environment and risk profile, especially with the increase of virtual doctor appointments, telehealth, and telemedicine. The Verizon DBIR indicates that the top threats to the healthcare industry are miscellaneous errors, privilege misuse and system intrusion, which represent 83% of breaches. As many are working remotely, there is an increased risk to our data health. At HALOCK, we’ve put in the time and effort to create healthcare data security solutions capable of both meeting current needs and growing with your organization to provide long-term support. Here’s how we can help.  

We have a long standing relationship with HALOCK in this area. Assessments are performed flawlessly with meaningful results.”

– Nationally Ranked Pediatric Hospital




The Healthcare Trifecta: Complexity, Compliance and Cybercrime

There’s a reason healthcare companies face more cyber attacks than those in other industries: The sheer amount of data contained in medical records far outstrips information collected by retail, legal or financial institutions. These records often include personal information, medical histories, prescriptions, credit card data, and information about next-of-kin or other family members. Thus, when it comes to medical records security, healthcare businesses face the triple threat of complexity, compliance and cyber crime. Rapidly increasing data volumes from multiple sources grows infosec complexity, while government agencies and standards organizations create new compliance regulations require reasonable security controls based on mission, objectives, and obligations. Cyber criminals, meanwhile, are leveraging historic weaknesses and developing new threats to compromise healthcare information security. These threats are wide-ranging and can come from a variety of sources. They include brute force attacks against an organization’s firewall as well as more insidious methods such as phishing schemes. Whether the attack comes from exploiting a weakness in your security measures or an attempt to trick employees into unknowingly giving up their credentials, any kind of breach can be a disaster for healthcare organizations.



HALOCK does good work.

– Healthcare Association




What We Do

The challenges surrounding healthcare and cyber security have never been greater. Fortunately, HALOCK has the expertise and experience to provide the most comprehensive cyber security in the healthcare industry. Our solutions also ensure compliance with government standards for protecting confidential data.

HALOCK’s team of industry experts has developed a range of hospital cyber security services to help your healthcare organization better manage current issues and prepare for new attacks, including:


  • HIPAA and PCI Compliance: Compliance regulations such as HIPAA are critical to ensure medical records security meets government standards. With the evolution of physician and patient visits through interactive medicine through video conference apps and software making checkups more convenient, it has also surfaced new vulnerabilities for ePHI, sensitive data, and private information. Understand the HIPAA compliance requirements as it pertains to your healthcare organization. PCI compliance for healthcare is also essential. With the scope of health industry services rapidly expanding, many companies now store and retain at least some credit data, making them subject to PCI DSS requirements. Review your PCI compliance for v4.0. We can help identify and satisfy key compliance obligations.
  • Risk Management Program: The massive volume of potential healthcare security issues means you need to spend InfoSec budgets wisely to ensure maximum impact and minimum disruption. Our experts have the industry knowledge you need to prioritize and optimize security investments while keeping you compliant. An ongoing risk management program provides continuous maintenance and insight on your risk profile and how to enhance your safeguards, mitigate your risks, and define reasonable security.
  • Penetration Testing: As healthcare IT grows more complex, companies increasingly rely on third-party and open-source solutions to streamline deployments and infrastructure. Penetration testing from HALOCK helps identify potential vulnerabilities and deploy remediation strategies before cyber attackers compromise your network. Before launching a new telemedicine app, validate it is secure to handle private data. If you have changes on your network or are integrating systems with a recent acquisition, test your changing environment. Test to see if your controls and team can respond appropriately in the event of a breach with an Assumed Breach or Adversary Simulation penetration test. Conduct a remediation verification pen test to confirm vulnerabilities are fixed. Consider a Recurring Penetration Testing program to assess your safeguards throughout the year for a proactive security approach.
  • Risk Based Threat Assessment: Improve protection against the five MITRE ATT&CK Types. Prioritize security controls to enhance or implement using the best threat data the cybersecurity community offers, leveraging the HALOCK Industry Threat (HIT)  Index, a model for estimating the most likely (and least likely) ways your organization will be hit by a cybersecurity or information security attack.
  • HALOCK’s Cloud Security Assessment: Gain insight on your risks. The assessment provides a review of Azure, AWS, and Google (GCP) cloud environments to identify risk and recommends how to remediate them.
  • Healthcare Incident Response: Should you experience a breach, HALOCK has the tools and expertise you need to quickly recover after a security incident and track the problem to its source. HALOCK’s incident response management, process, and planning provide comprehensive coverage in the event of a security breach. How your team responds, and how quickly they can minimize risk and impact of a cyber attack. Many cyber insurance companies require a written incident response plan for coverage. Explore an ongoing program that gets in front of any potential threats or attacks. You can be response ready with an Incident Response Readiness as a Service (IRRaaS) program.
  • Mergers & Acquisition (M&A): As part of the due diligence process of an M&A, organizations must understand the risk and security profile of their partner or target company. You must determine what liabilities or risks can arise under the other company’s cybersecurity program. With HALOCK’s M&A program, we can help you through the entire process from pre-acquisition to post-acquisition to identify risks, remediation steps, and establish reasonable security.
  • Third Party Risk Management (TPRM)/Vendor Risk Management: Ensure your healthcare third-party partners are aligned with your organization’s risk controls. Vendors and contractors serve as an extension of your group. They represent you and should operate under your business requirements. Assess your business associates (BA) are compliant and managing your data properly and securely. A recent Panorays study revealed 41% of organizations are not sure if their suppliers were out of compliance in the past year. It also indicated that half of the respondents cited third party risk as one of the top 5 items in their risk register and expect this risk to increase. A required best practice is to always conduct a supplier risk assessment to keep your vendors on point with your security posture. HALOCK can help build and maintain a specific program for your healthcare environment.
  • Risk Assessments: Healthcare regulations require your safeguards be reasonable to your organization, patients, and partners. With many frameworks available, how do you establish your acceptable risk? Do you know the best risk management strategy for you? HALOCK guides you through a proper HIPAA Risk Assessment. With the release of the Securities and Exchange Commission (SEC) Cybersecurity rules on disclosure, it’s essential that you regularly review your risk profile. The Duty of Care Risk Assessment (DoCRA) helps you define a reasonable security strategy factoring in compliance and safeguards based on your specific facility, objectives, and social responsibility. Leverage a comprehensive Risk Management Program to establish a defensible security strategy.
  • Privacy: CCPA is the most sweeping legislation to date in the U.S. that concerns the protection of personal information. It broadens the definition of what constitutes personal information and gives California citizens greater control over what companies can do with their personal data. This includes the right to exempt their own personal information from being shared or purchased on the open market. Understand the impact this change and other states’ requirements have on your organization. Know what private information you manage and where it is located to properly secure. Conduct sensitive data scanning to ensure you have a current data inventory of sensitive information.
  • Legal Advisory: Get the proper support for your legal team when addressing a security incident or litigation. See how we can partner with you in this engagement example of post-breach risk assessment for a university health system.
  • Cyber Security Awareness Training: With many employees now working remotely, they are targets for hackers. Ensure they understand the potential threats they may experience and best practices to prevent cyber attacks. Security Awareness training will provide guidance on how to detect suspicious activity and what to do in the event of a security incident.
  • Security Engineering & Tools: Ensure you have the proper infrastructure security controls to defend sensitive data of your medical staff, patients, payers, providers, and more. Proactively assess common threats to the healthcare industry through the HALOCK Industry Threat (HIT) Index to best prepare. Conduct security architecture reviews, sensitive data scanning, and implement threat monitoring programs to proactively secure against cyber threats. A consistent and steady review of your threat landscape is a best practice for your industry through a managed detection and response program (MDR) or Threat Hunting Program. Ensure you have reasonable controls implemented as mandated by compliance requirements such as multi-factor authentication (MFA) or web application firewalls (WAF).
  • PCI DSS v4.0 Compliance: If your institution manages and stores credit card data, you need to secure who and how they are accessed and shared. With the update to the PCI requirements, it’s best practice to review your compliance. Our QSAs are SMEs on required scope and steps to achieve and maintain PCI compliance. Set up a review on your business environment to secure and protect your sensitive information.  ALSO: What is in PCI Scope for eCommerce Outsourcing? Ensure your TSPSs are fully outsouced. Guidance Related to PCI Compliance Scope for eCommerce Outsourcing 



The HALOCK Security Briefing is a review of significant events, trends, and movements that will influence how you manage cybersecurity, risk, and compliance. Our clients receive periodic overviews with an extensive report file on the topics discussed. This insightful document also includes reference links throughout the report for easy navigation and deeper research. 




Why HALOCK for Healthcare?

HALOCK and the healthcare industry share common ground — purpose-driven results. For healthcare, this means designing treatment options that target root causes and solve underlying issues. At HALOCK, our purpose-driven security mandate means delivering optimal security in the right place at the right time to boost overall health data security without causing unintended side effects to productivity. When you require reasonable safeguards for healthcare information security,  talk to HALOCK.  


HALOCK recognized in 2024 Verizon Data Breach Investigations Report (DBIR) on how to estimate risk.

Estimate risk based on real threat data. Read Appendix D in the 2024 Verizon Data Breach Investigations Report (DBIR) to augment your risk analysis.

Blue Case Study PCI Compliance
CASE STUDY: Research University


Reasonable Security is Defined

The Sedona Conference – an influential think tank that advises attorneys, regulators, and judges on challenging technical matters – released its Commentary on a Reasonable Security Test. The Commentary is the first document of its kind that provides the legal community with a clear definition of a “reasonable” security control.

HALOCK’s Chris Cronin was a co-author of Commentary on a Reasonable Security Test. To learn how to apply the test, contact us.