Update Anti-Virus and Anti-Malware Software for HIPAA Compliance

anti-virus anti-malware protection for hipaa complianceThe easiest way to avoid being the victim of a computer virus or malware that can steal or hold hostage your valuable information is to not make yourself vulnerable in the first place.

Just like home security, thieves will look for the unlocked door or the house without a security system. There are too many easier targets to mess with one that is protected.

Malicious Software and HIPAA Compliance

The Security Rule requires covered entities and business associates to take steps to protect HIPAA regulated systems from malicious software like viruses, malware, and ransomware. While the regulation is not specific, IT and business best practices would list, as minimum steps, that operating systems remain up to date (ideally with weekly patches) and appropriate malware protection software (including anti-virus, anti-spam) is in place for all systems and tools and that scans and updates are run daily.

Out of Date Protection is No Protection

The makers of Anti-virus and Anti-Malware protection tools like McAfee, Kaspersky, Symantec and others watch and constantly analyze new trends, tactics, and tools used by hackers. When a new variation of dangerous malware is discovered, these companies work to update their tools to monitor for and prevent infections. When you see your tools’ alerts pop up, this is to let you know an updated version is available. It is critical that you keep protection software updated to avoid new threats. Hackers rely on users who are slow to update to make the most of their new tactic or new variation of malware before systems are updated and able to stop it.

Anti-malware, Anti-ransomware Protection at the Office

If your company computer is managed on a networked system by an internal IT team, they will manage the software scans, watch for available updates, and will usually push the new version’s install during off hours. If you do see a tool that needs to be allowed to update and restart your computer, allow the update right away. Saving your work and allowing the update on the spot is better than postponing updates and risking infection.
If you see a notice on your company computer that tells you software is out of date and requires your action to install or download to update, contact your IT team before you proceed. If you are not familiar with the tools currently in use by your company and if you are not tasked with installing updated software, do not allow anything to download without first confirming that it is legitimate and necessary.

Anti-virus, Anti-spam Protection at Home

Your personal computer must stay up to date as well – especially if you use it to connect to work systems or email. Individual protection tools may alert you to updates and invite you to subscribe to a higher level of protection. If you believe you have sufficient protection, simply allow the new updates to install.

If you are unfamiliar with the software that pops up, be aware that you could be downloading malicious or dangerous software masquerading as an important new version. Always verify the authenticity and source of a link before you proceed. One option would be to go directly to the tool’s website yourself – type in the URL (even if you have to Google it), do not copy and paste or click an emailed or pop up link. You can download updates from the website if what you are seeing is a tool you use or need. If you have responded to an alert that does not look legitimate or familiar, you may have been the target of a malware attempt. This, in itself, would be an indication that your anti-virus and anti-malware software should be updated.

Four Ways to Share This Tip

anti-virus anti-malware software update security tipEvery month, we share a fun, graphic security tip like this that you can share with colleagues. These tips are a valuable, free resource for our clients and readers to help facilitate ongoing security awareness. Ongoing, bite-sized training is more beneficial than long, boring sessions and satisfies HIPAA requirements easily and effectively.

  1. Social Media: Share this article on social media.
    Share on TwitterShare on LinkedinShare on Facebookpace
  2. Email: Share this article with your colleagues.
  3. Print: Post this tip in your break room for employees to see.
  4. Newsletter: Download this full image to be included in your next internal employee newsletter. There is also a smaller image here that may fit better in your newsletter format.

We only ask that you use the images intact and unaltered. Thank you.

If you missed our free, shareable IT Security Tips in past months, you can always go back and use them from the Resources – IT Security Tips page. And Subscribe to our email list below to be sure not to miss future tips!