In early 2016, PBS called healthcare hacking an “epidemic,” citing the biggest cybersecurity breach in healthcare, along with dozens of others scattered throughout the year. The U.S. Department of Health and Human Services estimated that an average of four data breaches were occurring each week by March of 2016.
This poses a sobering question:
How can institutions like hospitals and healthcare facilities stay secure?
As security platforms become more sophisticated, so do hacking techniques. That’s why it’s critical for practices to stay up to date on the latest cybersecurity risks and safety procedures. While it may seem like you need to be a technology expert to have any understanding or control of your cyber safety, this isn’t the case. There are several basic steps you can take right now to protect your practice in 2018.
The Easiest, Fastest Way for More Protection
One of the easiest and most important things you can do right now is set up stronger passwords and router protection. Your internet router should be password protected and not open to the public. While most private homes and many businesses already have router passwords in place, they’re not always particularly secure. Check that your password includes letters, numbers, and symbols, and never use something that would be easy for a hacker to guess. No street addresses, birthdays, or business initials! No matter how obscure you may think it is, any publicly available information is always a bad idea for a password, even if it will make the password easier for you to remember.
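The password advice above can be turned into an automated check. The following is an added example, not part of the original article: it tests for letters, numbers, and symbols, and flags passwords built from a street address, a birthday, or business initials, including common character swaps such as "@" for "a". The practice details, the function names, and the substitution table are constructed assumptions for illustration.

```python
import re
from datetime import date

# Common character swaps undone before matching (an assumption of this example).
LEET = str.maketrans("0134578@$!", "oleastbasi")
DATE_FORMATS = ("%m%d%Y", "%d%m%Y", "%Y%m%d", "%m%d%y", "%d%m%y", "%Y", "%m%d", "%d%m")

def public_tokens(street_address, birthdays, business_name):
    """Build lowercase strings an outsider could derive from public facts."""
    tokens = set(re.findall(r"[a-z]+|\d+", street_address.lower()))
    for d in birthdays:
        tokens.update(d.strftime(fmt) for fmt in DATE_FORMATS)
    words = re.findall(r"[a-z]+", business_name.lower())
    tokens.add("".join(words))                 # name run together
    tokens.add("".join(w[0] for w in words))   # business initials
    # Very short tokens ("st", "rd") would match almost any password, so drop them.
    return {t for t in tokens if len(t) >= 3}

def check_password(password, tokens):
    """Return a list of problems; an empty list means the password passes."""
    problems = []
    if not re.search(r"[A-Za-z]", password):
        problems.append("no letters")
    if not re.search(r"\d", password):
        problems.append("no numbers")
    if not re.search(r"[^A-Za-z0-9\s]", password):
        problems.append("no symbols")
    lowered = password.lower()
    # Check the password as typed and with character swaps undone.
    for form in (lowered, lowered.translate(LEET)):
        for token in sorted(tokens):
            message = f"contains public info: {token}"
            if token in form and message not in problems:
                problems.append(message)
    return problems

# Constructed sample practice details (not real data).
SAMPLE_TOKENS = public_tokens(
    "1420 Maple Street", [date(1984, 7, 9)], "Riverside Family Dental"
)

if __name__ == "__main__":
    for candidate in ("M@ple1420!", "RFD-dental", "Summer1984!", "t9#Vq!r2Lw&x"):
        print(candidate, "->", check_password(candidate, SAMPLE_TOKENS) or "OK")
```
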
Next, give each of your employees their own login and password for their computer and other important applications. This isn’t about employee trust; it’s simply an additional security layer that makes penetrating your system a little harder. Avoid purchasing any applications that do not offer password protection. Remember, it’s not only your computer that can be breached. Make sure any other internet-connected devices in your office are password secured.
Another rule of thumb is to use two-factor authentication wherever possible. Two-factor authentication is just what it sounds like – a login that requires two different items to identify you, typically your password and acknowledgment of your login attempt from a mobile phone. Gmail, for instance, allows you to log in with your normal password, then approve a simple screen prompt on your phone to log into your email on your desktop computer. This ensures that anyone who steals just your password will be unable to access your account unless they also get their hands on your mobile phone.
One of the Most Common Ways to Get Hacked
Receiving suspicious emails from people with strange names or email addresses you’ve never seen before? Mark them as spam, and don’t bother opening them. While email spam filters are fairly accurate, things can always slip through the cracks and reach your inbox.
In some cases, these emails come from sources posing as reputable institutions (such as your credit card company) hoping to bait you into clicking. One major red flag is any subject with the words ‘URGENT’ or ‘EMERGENCY,’ or an email which asks you to reply with personal information. When in doubt, listen to your gut and delete the email.
No More Excuses to Not Use Strong Passwords
LastPass is an application that stores your passwords, allowing you to create complex passwords without having to remember them. Users can compile logins to several websites in their “vault” and access it from any of their own devices. Use the LastPass Security Challenge to pinpoint weak passwords so you can update them. While the app is cloud-based, it offers “two-factor authentication.” This means that even in the event of a LastPass hack, outsiders can’t access your accounts with your passwords alone. If you’re still hesitant to use a cloud-based app, KeePass offers similar services that are not online.
It’s better to be proactive than reactive. Keep these tips in mind when toughening up your practice’s security barriers in 2018.