Cyberbullying and Cybersecurity in Healthcare

In many aspects, cyber-bullying and cyber-security are treated as separate and distinct issues in healthcare.  However, they are actually part of the same problem and are inclusive of one another rather than mutually exclusive of each other.  A culture that tolerates cyber-bullying creates an  atmosphere where cyber-security measures are taken lightly and not considered a serious threat.

Cyber-bullying often occurs on a micro rather than a macro level.  That is, cyber-bullying is more often to occur at an individual level. An individual or small group of individuals targets another individual or small group of individuals. The target may also be a patient. Examples of micro level cyber-bullying include the following:

Photo courtesy of Pixabay.com

*Accessing a coworker's  sent email messages and then bullying the employee over those messages.
*Rifling through another employee's computer files or desk work from computer files and then bullying the employee in the physical world over those files.
*Walking behind another employee while they are working or typing emails to see what they are doing on a regular basis and then bullying the employee based on that behavior.
*Gaining access to another employee's computer by entering their login or copying their login.
*A boss asking IT (information technology) personnel to grant him/her access to an employee's desktop all day, and the boss bullying the employee over activity on the desktop.
*Posting defamatory comments about another employee on social media and then showing it to several other work mates.
*Accessing another employee's phone or personal information in the workplace, and then sharing the contents of emails, posts and text messages.
*Showing text messages to several coworkers that were intended only for the recipient.
*Creating false social media profiles to gain information about the coworker.
*Using internal chat networks to diminish, demean, degrade or harass a coworker.

The list above provides only a few examples regarding how employees treat each other and do not respect the privacy and security of each individual worker within the organization. When each individual's privacy and security are not respected and the behavior is allowed to continue, then it reduces the security of all cyber activity in the healthcare organization. Cyber-bullying is and should be classified as a cyber-security breach within a healthcare organization. When cyber-bullying between employees occurs, then there is a greater risk for cyber-bullying or lack of adherence to cyber-security policies regarding patients and organizational information.

If any of the above issues occurred with patients, then the healthcare organization would be at risk. Employees may access patients' emails from highly connected hospitals. Patients' private phones may be looked through. Patients' social media profiles may be reviewed. Personnel may look up patient records and show other personnel, without a sign-on being required. Bosses may send out mass emails defaming an employee or a former employee.

In order to truly address cyber-security issues within a healthcare organization, policies should include recognizing the personal cyber-security of those working within the organization. Healthcare entities that recognize personal cyber-security and address cyber-bullying issues may find an increased awareness of and adherence to internal cyber-security policies and procedures.

Sources
Cybersecurity, American Hospital Association, www.aha.org/advocacy/leveraging-technology/cybersecurity.
“Healthcare Cybersecurity.” HIPAA Journal, www.hipaajournal.com/category/healthcare-cybersecurity/.
Gerry Grealish, Cloud Data Protection – Product & Marketing Executive at Blue Coat. “The Top 5 Cybersecurity Threats Hospitals Need to Watch For.” Becker's Hospital Review, www.beckershospitalreview.com/healthcare-information-technology/the-top-5-cybersecurity-threats-hospitals-need-to-watch-for.html.
Wright, Aliah D. “What HR Can Do About Cyberbullying in the Workplace.” SHRM, 19 May 2017, www.shrm.org/resourcesandtools/hr-topics/technology/pages/what-hr-can-do-about-cyberbullying-in-the-workplace.aspx.
“Cyberbullying in the Workplace.” Northeastern University Office of Information Security, www.northeastern.edu/securenu/cyberbullying-in-the-workplace/.