Regular cybersecurity training and the placement of a button on email to enable employees to report suspicious messages to the IT department for investigation—rather than clicking on the message—helped mitigate a recent phishing attack on five-hospital Baystate Health in Massachusetts.

Baystate has nearly 13,000 employees, and many received the malicious email—designed to look like an internal Baystate memo to employees—but only five of them clicked on it, a spokesperson says. That still put protected health information at risk for 13,112 patients.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access