October is Cybersecurity Awareness Month, follow the conversation and do your part #BeCyberSmart.
Follow us this month as we engage our health IT community in cybersecurity awareness.
There was a time when you would walk into any doctor’s office and the sliding walls or file cabinets of patient folders seemed endless. Guarded like vaults, all the information safely under lock and key. And in addition to patient data, there is employee data, which likely contained personal and banking records. The “really” important files might have been stored in a separate room or perhaps an executive’s office. Personal information, on paper, in physical cupboards. Not something we see too often today. Paper has been replaced with electronic data that can be accessed anytime, anywhere if needed.
Protecting Your Assets
No longer do we have physical keys to access important files, but passwords. Instead of paper copies, we have “the cloud” with your data backups. The actual building where your business operates is insured by a policy that would offer compensation should something like theft or fire occur. But have you ever considered that the most important asset to your business surviving, and thriving is no longer at risk of physical damage? Are you protecting the electronic and unseen assets of your business in any way, just as you do with an insurance policy for the building?
There are hostages in this disaster, but they aren’t people – they are your priceless files. The data that is on those files and can cause chaos for thousands of individual patients, and you’re responsible for what happens to them.
We’re Hacked – Now What?
Whether it’s social engineering, an attack on a connected device, or an old-school telephone scam – how do you recover, pay the ransom, and get back the funds that you lost? Perhaps you’re a private practice without a hospital affiliation and it is your name on the door, will your malpractice insurance cover this?
It’s a lot to deal with all at once and it’s overwhelming.
You might feel like you want to just shut down and run. But that option isn’t a solution. You have a family. Your employees need this job. You need this job. But you need help.
Being proactive with your cybersecurity means identifying and addressing any gaps in your business as well as teaching your team how to offset the risk that healthcare faces.
This article was originally published on HIPAA Secure Now! and is republished here with permission.