Internet, Smart Devices Pose A Risk To Your ENT Practice

dr_EHR / February 4, 2016

How secure is your ENT medical practice?

Download FREE Practice Security Management Guide

In the digital age, the healthcare industry has had to face ongoing cyber threats, and cyber-attacks have become increasingly sophisticated with time. If medical practitioners do not take the proper steps to protect their data, they could be at risk. Not only could a data breach affect them financially, it will have a strong negative impact on the reputation of the company as well. For example, Blue Cross Blue Shield faced a $1.5 million fine, plus had to pay $6 million in labor costs after more than one million records were breached from a stolen hard drive. Taking the right precautionary measures will pay off.

In a March 2014 study from Ponemon Report on Patient Privacy & Data Security, researchers found that cyber-attacks against the healthcare industries have more than doubled within the last three years. Why the increase? Experts say that a medical identity is becoming a more precious commodity on the black market than even a financial identity. A cybercriminal has a financial identity that might be worth 5-10 dollars if they have access to all the information. If they have a medical identity, it can be worth up to five or 10 times that amount because it is easy to monetize the information.

Mobile and Computer Security: How to Protect a Medical Practice

First, it is important to regulate mobile devices that deal with sensitive information. Healthcare practitioners exacerbate security risks if they do not have proper procedures in place to reduce the risk of sensitive data falling into the wrong hands. Some may say, “That will never happen.” However, it can happen quite easily. For example, what if an employee’s phone gets stolen? With an authorization code for the phone and encryption for specific files such a risk can be mitigated. In 2013, the healthcare sector faced 199 major healthcare data breaches. In 85.4 percent of those breaches, the top three causes were because of a stolen desktop or laptop. When employees work remotely, it is crucial that they encrypt their files and use a password on their mobile phone and computers to prevent easy access.

Wipe the Copier Hard Drive

A little-known secret is that every copier since 2002 features a hard drive that saves information that has been scanned to it. That includes sensitive data that if stolen could cause embarrassment to a company, employees or even patients. When returning a copier at the end of a lease, do not rely on the copier company to wipe the hard drive. In many cases, it is better to find an IT professional who understands how to wipe a hard drive clean so that the medical practitioner will know it has been done.

As a healthcare provider, individuals have a responsibility to practice the highest ethics of the industry. If a major cyber-attack hits the systems, the cybercriminal will have access to information that includes birth dates, addresses, Social Security numbers, patient names and sensitive health information. How quickly a person responds to an attack will mitigate the negative effects.

Never ignore a data breach and hope it will just go away. Always take decisive action and err on the side of precaution. 

Download Practice Security Management Guide