Update Anti-Virus and Anti-Malware Software for HIPAA Compliance

Update Anti-Virus and Anti-Malware Software for HIPAA Compliance

The easiest way to avoid being the victim of a computer virus or malware that can steal or hold hostage your valuable information is to not make yourself vulnerable in the first place.

Just like home security, thieves will look for the unlocked door or the house without a security system. There are too many easy targets to mess with one that is protected.

Malicious Software and HIPAA Compliance

The Security Rule requires covered entities and business associates to take steps to protect HIPAA regulated systems from malicious software like viruses, malware, and ransomware. While the regulation is not specific, IT and business best practices would list, as minimum steps, that operating systems remain up to date (ideally with weekly patches) and appropriate malware protection software (including anti-virus and anti-spam) are in place for all systems and tools, as well as that scans and updates are run daily.

Out of Date Protection is No Protection

The makers of Anti-virus and Anti-Malware protection tools like McAfee, Kaspersky, Symantec, and others watch and constantly analyze new trends, tactics, and tools used by hackers. When a new variation of dangerous malware is discovered, these companies work to update their tools to monitor for and prevent infections. When you see your tools’ alerts pop up, this is to let you know an updated version is available. It is critical that you keep protection software updated to avoid new threats. Hackers rely on users who are slow to update to make the most of their new tactic or new variation of malware before systems are updated and able to stop it.

Anti-malware, Anti-ransomware Protection at the Office

If your company computer is managed on a networked system by an internal IT team, they will manage the software scans, watch for available updates, and will usually push the new version’s install during off hours. If you do see a tool that needs to be allowed to update and restart your computer, allow the update right away. Saving your work and allowing the update on the spot is better than postponing updates and risking infection.

If you see a notice on your company computer that tells you software is out of date and requires your action to install or download to update, contact your IT team before you proceed. If you are not familiar with the tools currently in use by your company and if you are not tasked with installing updated software, do not allow anything to download without first confirming that it is legitimate and necessary.

Anti-virus, Anti-spam Protection at Home

Your personal computer must stay up to date as well – especially if you use it to connect to work systems or email. Individual protection tools may alert you to updates and invite you to subscribe to a higher level of protection. If you believe you have sufficient protection, simply allow the new updates to install.

If you are unfamiliar with the software that pops up, be aware that you could be downloading malicious or dangerous softwaremasquerading as an important new version. Always verify the authenticity and source of a link before you proceed. One option would be to go directly to the tool’s website yourself – type in the URL (even if you have to Google it), do not copy and paste or click an emailed or pop up link. You can download updates from the website if what you are seeing is a tool you use or need. If you have responded to an alert that does not look legitimate or familiar, you may have been the target of a malware attempt. This, in itself, would be an indication that your anti-virus and anti-malware software should be updated.

If you missed our free, shareable IT Security Tips in past months, you can always go back and use them from the Resources – IT Security Tips page. And Subscribe to our email list below to be sure not to miss future tips!

Is your organization HIPAA compliant?

Contact us to find out sooner rather than later.

Ask about our letters of attestation that demonstrate your compliance!