With cyber-attacks and data breach incidents growing in frequency, it is critical to ensure that your medical practice has taken all reasonable measures to protect you from hackers.
Consider the following questions. If your answer to any of them is “no,” your firm may be vulnerable to hackers.
- Does your practice back up all important data and information frequently? Regular backups reduce the likelihood that critical data is lost in the event of a cyber-attack or physical incident such as a fire or flood. The primary defense against ransomware attacks is to institute frequent backups of the files you do not want to lose, and to protect the backups in a remote or external location where they are safe from ransomware that seeks out backup copies.
- Are your employees required to complete regular cyber-security awareness training? Practices might not invest in the cyber-security awareness training necessary to educate their employees on ever-present dangers, such as clicking on links or attachments found in emails, downloading malware through insecure websites or social media, or responding to requests for information from socially-engineered emails designed to scare people and exploit their desire for a good deal.
- Have you implemented the “least privilege” concept of user permissions? Strictly defined user permissions and restrictions help ensure that people have only the level of user rights that they need to do their jobs.
- Do site administrators log out of systems and programs immediately after they have completed their tasks? Excessive rights and activities enable malware to cause more harm and result in greater data losses.
- Have you had a cyber-security expert test and evaluate your practice’s systems? Experts familiar with the firm’s systems can work with insurance and breach response service providers to reduce damages from breaches, minimize the costs of addressing the problems, and enable the firm to recover sooner.