Cybercriminals love weak passwords. So, do you know what makes a password strong? Take our cyber quiz to test your knowledge. It’s only one question and we’ll even enter your name into a drawing for some Ballad Health swag. Click here to take the quiz and be entered in the prize drawing. Tips for creating a top password: Don’t use the same password for your Ballad Health account that you use for your personal accounts. Don’t share your password. Change your password when prompted. Use a password manager to securely store all your passwords instead of writing them down or saving them on your devices. To learn more about creating a strong password to protect yourself, your team and our patients, read: Keeping Your Passwords Squeaky Clean. Our cybersecurity campaign We must stay alert if we are going to protect our organization, our data, our patients and each other, and one of the best ways…

An Epic upgrade is scheduled for Wednesday, Nov. 16 beginning in the early hours of the morning. Here’s a quick FAQ list to tell you what you need to know. Who is affected? All Ballad Health Epic users. What is expected? On Wednesday, Nov. 16, beginning at 12:01 a.m., Epic users will experience a scheduled Epic downtime due to Ballad Health applying the February and May 22 versions of Epic. IT analysts will place a build freeze on non-emergency changes in Epic beginning Wednesday, Nov. 9, through Friday, Nov. 18, at noon. In preparation for the upgrade, the IT Clinical Informatics team will offer virtual training sessions and provide tip sheets prior to the upgrade, as applicable. The IT Clinical Informatics team will also perform facility rounding to ensure team members impacted by the upgrade are prepared for the upgrade and associated downtime. The Clinical Informatics team members will continue their rounding late Tuesday, Nov….

This message comes from Ballad Health’s IT team. Here’s a mock scenario in which someone is victimized by a cybercrime due to information provided on social media. Suzie lists her place of employment on Facebook. She hasn’t enabled privacy features, so her personal profile is visible to the public. She hasn’t considered the connection between her public profile and her clinic. George knows that protected health information (PHI) or personal identifying information (PII) will fetch a fantastic price, so George is on the hunt for a healthcare employee to exploit. He sees on Suzie’s profile that she works at a medical clinic. He also sees Suzie’s post that she’s on vacation in The Bahamas. THE HACK George calls the clinic, and Patti answers. George: Hello, I’m William Lyons, and I’ve been working with Suzie on quoting a new backup server for the clinic. Is she available? George doesn’t know if the clinic has a server…

Cyber threats to our health organization can come from many different places and can take multiple forms. While phishing is a common method of attack for hackers, it is not the only tool at their disposal. Did you know? Sometimes hackers will employ a social engineering technique known as “smishing” (from SMS phishing). These attacks function much like a phishing attack, but the scam occurs through text instead of through email. Since text scams are less common than email scams, it is easier to be caught by one unexpectedly, but these attacks can be just as dangerous as a phishing attempt. Often these attacks involve the hacker impersonating someone reputable or influential within an organization and using this false identity to build trust and obtain personal information from the target of the attack. Frequently sought information includes passwords, credit card numbers and bank information. As the hacker gains more information about their victim, though, they…

As a health system, we must remain vigilant of all cybersecurity threats and trends in order for us to effectively protect our patients and each other. And it all starts with you! Each team member is our first line of defense against cyberattacks. As a team, we must stay educated and informed on the latest cybersecurity threats so we can properly identify them and report them to our IT department. Security awareness training provides every team member with a fundamental understanding that there are imminent and ongoing cyber threats, while also preparing enterprise team members for common cyberattacks and threats. Phishing is a common practice whereby hackers go after a broad target of users with emails that look genuine but are actually intended to lead the user to click on dangerous links — possibly divulging usernames, passwords, personally identifiable information, even financial information. Phishing is akin to throwing out a wide net full of bait…

As we ramp up our defense against cyberattacks – which often come in the form of phishing attacks via fake emails – it’s important to remember some of the basic safety steps we can use to protect ourselves. Hovering your cursor One of the easiest and most effective methods to doublecheck any link within an email is by “hovering” your cursor over the link – WITHOUT clicking or tapping on the link – in order to see what web address displays. This way, you can see if it will take you to the website you thought it would, if you clicked on the link. If you have any doubts, do not click on the link! Remember, it’s not the email address you should hover over with the cursor – it is any suspicious link within the email. Also, always be wary of clicking on any attachment that comes with a suspicious email. Again, if you…

As a health system, we must have adequate levels of protection for the sensitive data we manage to protect both ourselves and the patients we care for. Cyberattacks not only disrupt healthcare providers, they also disrupt patient care. Hypothetically, if a Ballad Health provider was phished and had their credentials stolen, a hacker could potentially use that information to log into Epic and access patient information to sell on the black market. Even more dangerous, a hacker using those credentials could potentially change a patient’s medication or procedure or discharge the patient prematurely. According to a research study published in September 2021 by the Ponemon Institute, approximately 43% of the 600 healthcare IT professionals surveyed said they had experienced a ransomware attack within the last two years that disrupted the ability to care for patients. Of those who experienced a ransomware attack: 70% said the attack led to delays in procedures and tests, resulting in…

Are you using MyChart? We encourage all team members to take advantage of it for their own health, and for team members to encourage everyone else to use MyChart. It’s a great way to take an active role in managing your care. You can access MyChart through the Ballad Health app, which is our public-facing app. (Remember, you can also access the external Ballad Health app through Ballad Teams, our team member-only app.) When you download the Ballad Health app, you can do a range of things within MyChart to manage your care – all from your smartphone, laptop or tablet. MyChart connects patients with their care teams and allows safe, convenient and confidential online access to a range of information and services. It’s easy to access your health records 24/7, from home or wherever you are, using your smartphone, laptop or tablet. What can you do in MyChart? View test results Schedule appointments Check-in…

As a health system, one of the biggest threats we face right now is cyberattacks – a tool used by hackers to extort organizations like ours for money. A critical aspect of cyber safety is data protection, a set of procedures aimed at safeguarding personal data stored within a system. Because protected health information is among an individual’s most sensitive (and for criminals, valuable) private data, we must have strong measures in place for protecting our data against today’s threats. The risk of cybercriminals targeting Ballad Health is higher now than it has ever been. In fact, cyberattacks against healthcare organizations all over the world are increasing substantially in number and sophistication. Healthcare is now the number one sector for cyberattacks, experiencing more attempts and breaches than any other sector. Remember: All team members can take steps to help us fight cyberattacks and protect our data. Stay vigilant and safe from hackers   According to Health…

We’ve just completed our two-week Epic Phase 2 Go-Live, and it was a success! There were plenty of issues to solve, but with excellent teamwork among team members and our IT and operations teams — and the Epic team — our go-live has all departments in good shape going forward. At-the-elbow support will end today and the Command Center will close tonight, but IT will continue to field calls and provide support for all departments involved in the go-live. What is Epic Phase 2? We have implemented Epic as our electronic medical record (EMR) system for the following departments: Three long-term care facilities All six of our retail pharmacies Home Health and Hospice Inpatient and outpatient rehabilitation services This will bring everyone within the Ballad Health system onto Epic as our EMR system. Update from Week 2 (Aug. 8-12) Friday saw the conclusion of our official go-live, which began on Aug. 1. “This is an…

We’ve just completed the first week, Monday, Aug. 1, through Friday, Aug. 5, of our Epic Phase 2 Go-Live. Each day, we’ve provided a short summary of how things have progressed. What is Epic Phase 2? We are implementing Epic as our electronic medical record (EMR) system for the following departments: Three long-term care facilities All six of our retail pharmacies Home Health and Hospice Inpatient and outpatient rehabilitation services This will bring everyone within the Ballad Health system onto Epic as our EMR system. Friday, Aug. 5, update The first week of go-live is finished! Everything has continued to go smoothly, with issues being addressed and resolved rapidly. Thank you so much to all our team members for your patience and understanding so far during this transition, and thank you to all of our super users and support staff for keeping on top of everything so well this week. At-the-elbow support will continue through…

Our Epic Phase 2 Go-Live is under way, going from Monday, Aug. 1, through Friday, Aug. 5. Each day, we’ll provide a short summary of how things are progressing. What is Epic Phase 2? We are implementing Epic as our electronic medical record (EMR) system for the following departments: Three long-term care facilities All six of our retail pharmacies Home Health and Hospice Inpatient and outpatient rehabilitation services This will bring everyone within the Ballad Health system onto Epic as our EMR system. Thursday, Aug. 4, update On Day 4, the go-live has continued to go smoothly, with issues being addressed and resolved rapidly. Special congratulations to the Dorothy/Comfort teams for reaching 100% of visits closed on Epic within 48 hours! That is a great achievement. Below are some more comments on how the day went from team members and leaders involved in the project: “I like the medication reconciliation. It’s pretty much foolproof.” “My…