May 12 2022

Nurses Are Vital to Maintaining Healthcare Cybersecurity

The future of healthcare security will require nurses to play a larger role in crafting policy and receiving training that fosters connections between nursing staff and IT leaders.

Nurses are the backbone of healthcare organizations, managing not only the care and safekeeping of patients, but also serving as the communication hub between physicians and other caregivers.

Thanks to their in-depth knowledge of facility and patient workflows, nurses may be the first to identify cybersecurity pain points and issues that others might not see.

Click the banner below to discover more content focused on nurses vital role in health IT.

Include Nurses in Cybersecurity Training and Strategy Planning

Teri Young, a nurse and vice president of clinical systems and chief of clinical informatics at University of Maryland Medical System, says one of the challenges for healthcare organizations is how to better engage nurses when they’re being trained on issues of cybersecurity.

“It’s a tough balance to not overload them with the annual training they’re required to do while also ensuring they are vigilant about cybersecurity,” she says. “No. 1, there must be nurses represented in the IT space so there is a connection between technical folks and the nursing staff.”

She explains that UMMS recently conducted a tabletop security exercise for a cyber event, which included pulling in a group of nurses to be involved in the response to that exercise.

“We’ve also had an entire group of nurses over the past two years reviewing and revising our downtime policy approach as an entire organization, not just by individual hospital, so that everybody is speaking the same language,” Young says.

EXPLORE: HealthTech Influencer Sherri Hess discusses key IT trends for nurses.

From Kerry Barker’s perspective — she’s a nurse and interim account manager of Epic Services at CereCore — nursing should always be included in planning for cybersecurity approaches.

“We need to make sure that the training and information is relevant to their true workflow experience,” she explains. “By including a representative who can approach common issues, we can personalize the experience and have better buy-in from the healthcare team.”

Barker adds that training should involve scenarios that are more true to life for nurses.

“The more the nursing team can visualize itself in that scenario, the more relevant the training becomes,” she says.

Cybersecurity Shouldn’t Impact Nursing Workflows and Patient Care

Jill Ellis, a nurse, solutions expert and nursing leader at NRC Health, notes that nurses are the largest employee group in healthcare, and they use medical records on a regular basis.

Going forward, she says it will be critical to have nurses at the table and on teams involved in cybersecurity planning, from building cybersecurity strategy and reviewing regulatory compliance to reporting incidents and helping build out the best plan.

“Cyberattacks are growing, and nurses spend most of their day in the EMR and in their healthcare email,” she says. “In their busy world, in the blink of an eye, they could click on a link that could affect their whole healthcare system.” 

Ellis says it also requires a change of mindset to think of digital tools as hospital equipment that should be protected from theft.

Barker points out that one of the key issues for nursing and cybersecurity is easy access.

“When you increase the difficulty in a sign-in process or develop a complicated password strategy, this slows down productivity and the ability to respond to potential life-threatening emergencies,” she says. “Strategies need to be mindful of the ability to still have quick access.”

Jill Ellis
Cyberattacks are growing, and nurses spend most of their day in the EMR and in their healthcare email. In their busy world, in the blink of an eye, they could click on a link that could affect their whole healthcare system.” 

Jill Ellis Solutions Expert, NRC Health

Another key factor to consider when taking the experience of nurses into account is mobility.

“Nursing and other healthcare workers are constantly on the go,” Barker says. “To access information and perform nursing functions, they need to have secure mobile solutions that don’t tie them to a desktop machine and keyboard but still provide protection from cybersecurity issues.”

She adds that one of the easiest ways to protect patient information is to log out or securely lock the screen before leaving the workstation or phone.

“It’s an easy step, but busy people get distracted and walk away,” she says. “Another way is to never instant-message or text a patient’s name or medical record information.”

Young says there is growing recognition that nursing leadership has to be involved more regularly as active participants when crafting security practices.

She says a greater level of transparency, where colleagues and other organizations pledge to share their experiences with the larger healthcare community, is also helping to raise awareness and ensure that nurses are sitting at that table.

“That’s how you end up spreading some of that education,” Young says. 

WATCH: Learn how technology is transforming nurse workflows.

sturti/Getty Images

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT