Cybersecurity Best Practices for Pharmacies in the Digital Age

The use of digital technology within the pharmacy has been increasing rapidly over the past few years. When the COVID-19 pandemic hit, pharmacists and their staff had to deal with an unprecedented demand for services, which led to a well-documented rise in burnout and staff shortages. This sped up the move toward using digital technology in the pharmacy, as pharmacists attempted to alleviate the unexpected increase in workload.

Electronic medical record on tablet / terovesalainen - stock.adobe.com

Although digital technology, such as artificial intelligence and automation tools, can aid pharmacists and improve workflows, they also increase the threat of cyberattacks. Cyberattacks, which usually involve stealing or destroying data, have been steadily increasing. In 2022 alone, the US Department of Health and Human Services identified 707 health care data breaches that exposed over 51.9 million patient records.¹

The move to digital technology use in pharmacies is only expected to continue. To protect patient privacy, it is of critical importance that pharmacists and other industry leaders become familiar with cybersecurity.

Help keep your pharmacy and your patients safe with the following cybersecurity tips:

Train staff in cybersecurity. The first and most important line of defense against cyberattacks is having staff members who are trained and aware of potential threats. Pharmacy staff should be taught cybersecurity best practices, such as not using pharmacy systems for personal matters and checking web links before opening them. Staff should also be trained on how to recognize a phishing attack, which is one of the most common ways a bad actor gains access to a system.

Make sure passwords are managed properly. Password management is a key aspect in preventing any potential cyberattacks. Passwords should be complex and hard to guess but easy to remember. You should always use different passwords for different accounts, as this prevents multiple accounts from being compromised if one is hacked. Using multifactor authentication, which involves multiple steps to log into an account, is a way to add another layer of security.² Additionally, passwords should never be shared or written down on a piece of paper, which can easily get stolen or lost.

READ MORE: AI Can Improve Business Operations in Community Pharmacies and Benefit Patients

Ensure internet vulnerabilities are addressed. One way to be proactive, rather than reactive, is to address internet vulnerabilities. This includes utilizing strategies like conducting regular vulnerability scanning, properly configuring any devices, employing best practices when it comes to remote desktop services, and making sure all of your software is up to date.³

Use security software. Security software is an obvious first choice to protect against cyberattacks. Pharmacists should ensure that all of their devices have web filtering, as well as antimalware and antivirus software. It’s important to make sure that firewalls are in place at key points to prevent attacks and encryption should be used to lower the risk of identity theft. Keeping this software up to date is also of crucial importance.

Always have backups. Pharmacists need to ensure that all critical data and systems are backed up. In the case that you do fall victim to a cyberattack, having backups will allow you to have access to lost data. Make sure to always test backups for preparedness and effectiveness, and never keep them on the same device that they are backing up. It’s also important to encrypt all backups.⁴

READ MORE: Technology and Data Resource Center

References

1. The Joint Commission. Preserving patient safety after a cyberattack. Sentinel Event Report. August 15, 2023. Accessed January 17, 2024. https:// www.jointcommission.org/-/media/tjc/newsletters/sea-67-cybersecurity7-26-23-final.pdf

2. Figge H. Cyber security primer for pharmacists. US Pharm. 2016;41(2):26-28.

3. Dowell MA. Pharmacies must take steps to protect against data breaches. US Pharm. 2022;47(5):34-38.

4. Mooney B. The importance of cybersecurity in the pharmacy environment. Irish Pharmacy Union. Accessed January 17, 2024. https://ipu. ie/ipu-review-article/the-importance-of-cybersecurity-in-the-pharmacyenvironment/