Phishing attempts at Orlando Health are occurring on a daily basis,
making a strong defense increasingly important.
“Recently a team member on break accessed a personal Gmail account
from an Orlando Health networked computer, clicked on a link which looked
legitimate, but unfortunately it wasn’t,” says Steve Stallard, corporate
director, Compliance and IS. “The malware immediately locked up the team
member’s computer and could have easily spread throughout the network had it not
been caught and insolated in time. It is because of events like this that we
need to increase precautions to minimize our exposure to malware attacks from
cyber criminals.”
Effective Thursday, December 1, team members and physicians will be
asked to access personal webmail accounts such as Gmail, Hotmail or Road Runner
from their own personal smartphone or tablet. This also applies to any vendor or
school account to which a team member or physician might have access.
Access to personal or external email accounts
from an Orlando Health networked computer will not be available.
Webmail sites will remain available on both the physician network and on the
guest networks when accessed from personal devices only. Instructions on how to access the guest network are available on SWIFT.
Further information about this change is reflected in Policy
#5706-0238, Internet, Electronic Mail and other Electronic Communication
Resources.
The magnitude of the threat against healthcare information in the
U.S. is staggering. Cyber criminals are looking at healthcare organizations
across the country as prime targets for ransomware; the act of stealing data and
holding it hostage for a ransom; they also value obtaining electronic health records, which contain vast amounts of information
about an individual and can be used to access financial accounts.
“Thank you for your understanding and for your help in keeping our
network safe from cyber-attacks.”