If recent cyberattacks on healthcare networks have made you start wondering about data security, we apologize in advance for two recent articles that aren’t going to do a lot to ease your concerns as we head into the new year.
Healthcare a prime target for hacking
The first is a report issued by Experian, a global information services company. And the outlook isn’t good for 2017.
When it comes to predicted cyberattack targets in 2017, “(h)ealthcare organizations will be the most targeted sector, with new sophisticated attacks emerging.”
So, yes, healthcare is expected to be one of the top five industry targets. That’s primarily due to the fact that health data is extremely valuable information, thanks to its role in medical identity theft.
Many of these attacks, according to Experian, will come in the form of ransomware. (What is ransomware? We wrote a post about it here: http://duxware.com/duxware-blog-newsletters/161-protecting-your-systems-from-ransomware.)
“Ransomware presents an easier and safer way for hackers to cash out; given the potential disruption to a company, most organizations will opt to simply pay the ransom,” the report reads.
Internal threats are real
And … to make matters worse, outside attacks are not your only concern. According to security expert Frank Abagnale, it’s people and not technology that lead to most data breaches.
Which means that yes, simple things that your staff may do inadvertently can lead to data theft.
Abagnale, who was the subject of the film “Catch Me If You Can” and is considered to be one of the leading authorities on forgery, fraud, and secure documents, said that carelessness is cause for concern.
“The majority of people are honest, they do not think in a deceptive way – but I do,” he said. “So people think there’s nothing wrong with leaving an address here or a Social Security number there. But when you explain to them this is why it’s a problem, and this is what someone can do with it, people are smart enough … to go back and do what you can suggest they do.”
What can you do?
So, how can you help stem these issues in 2017?
The first thing is to educate your staff. Make sure they’re not leaving documents in places where they can be seen by other parties — including other patients. Also, walk through your office and see if there are any places where you may need to move a computer monitor or fax machine to prevent any inadvertent document sightings.
Next, have a plan in place in case of a cyberattack. Make sure you have a firewall installed on your network. And be sure you’re backing up your systems frequently. If you’re using an analog method of backing up your files, make sure that those files are secure as well, possibly even in a locked cabinet.
By taking these simple steps now — while it’s not possible to completely let your guard down regarding data security — you can rest assured that you’ve done everything you can to prevent something from happening. And then, simply be ready to respond if necessary.