Be wary, cyber hackers are coming. They will try to compromise your clinic website. They get in, grab customer account information and get out, at light speed. Small business owners have a right to be concerned. Due to the gravity of HIPAA laws, it’s an ongoing struggle to protect patient’s health and financial information.
Be aware, there are simple techniques you can implement to reduce the risks of your clinic’s IT infrastructure getting maliciously hacked.
Educate your Employees in Cyber-Security Awareness
Cyber hackers are tricksters. Teach your employees that it’s a jungle out there in cyberspace. One of the hacker’s favorite ploys is to send mass “socially engineered” e-mails. When the employee responds or clicks on the attachment, malware is initiated.
Remind computer users in your clinic to change passwords on a frequent basis. Passwords must be “strong” (e.g. minimum 12 characters, mixture of symbols, numbers and letters).
Note: Passwords must never be written down and tucked in a “safe place”.
Proper training will ensure employees aren’t inadvertently inviting a security breach, which could potentially put your clinic out of business. Are you aware that cyber-tricksters can connect “keystroke software” to your computers that can literally empty your bank accounts?
Big or Small – Hackers Hit All
Just because your clinic is on the smaller side, doesn’t mean you’re immune to cyber-security attacks. Everyone using a computer is at their mercy, unless preventative procedures and right tools are in place.
Symantec, a cyber security company, researched and reported that businesses with 250 employees or less, now represent 31-percent of overall cyber-security attacks.
Small clinics have a greater potential of cyber-attacks than big businesses, because typically they do not devote adequate resources to cyber-security protection.
Write a Cyber-Security Protocol
Gone are the days of handshakes and smiles. Document your Cyber-Security Protocol in writing. Ensure all employees have access to company protocols and policies.
Not sure of the essential points your protocol must cover? Both the Small Business Administration and Department of Homeland Security provide online resources about cyber-security risks.
Your protocol should include the clinic’s stance of whether employees are permitted to browse non-work-related websites and/or social media; whether employees can access clinic data from off-site and whether employees can use their personal laptops, etc. and/or save confidential documents on them.
Backup procedures are non-negotiable. If your data gets compromised, regular backups are the saving grace. Sensitive materials should be backed up on an off-site secure server. Appoint an IT savvy employee to back up your data or better, hire a professional security company.
A survey by Identity Theft Resource Center, shows that 43 percent of cyber-theft occurs in the healthcare sector, more than in the banking industry.
Best option is to hire a professional service to handle your cyber-security needs. They will do backups of your system, keep your virus protector updated and keep a vigilant eye out for hackers.
Even if you must cut the budget, allow funds for security professionals. Money, you spend now, may just save you from going out of business later.