8 Ways Small Medical Practices are Vulnerable to Cyber Attack

In 2017, an AMA survey of 1300 physicians revealed their thoughts regarding the most common cyber threats and concerns facing small medical practices. The AMA cybersecurity report found that the most commonly seen cyber attacks involved phishing and viruses – and that 83% of practices had already experienced a cyber attack.

With such a large percentage of physician practices experiencing cybercrime, it is evident that these types of organizations should take a close look at their strategy for security to protect private patient information, critical medication lists, diagnoses and lab results.

Fact: Due to the numerous types of fraud which can result from medical records, health care documents are more valuable to criminals than either a Social Security or credit card number.

How Small Medical Practices are Vulnerable to Cyber Attack

1. Every year, millions of smartphones are stolen. Your medical practice employees should by sure to encrypt and password-protect all personal mobile devices which they use to access medical records.
2. Over 80% of cyber attack events are preventable. Practices who do not regularly apply software and hardware updates and patches are vulnerable to new threats.
3. Cybercriminals are coming up with new malware every day. It is impossible for a small medical practice to keep up with the threats, but updating your anti-virus software when prompted will do the job for you.
4. Unauthorized access to private wi-fi networks is a leading cause of security incidents. Establish a private wifi network for your staff and a completely separate network for guests. Make sure passwords are distinctly different.
5. Criminals have software that can crack normal or common passcodes. Implement a policy of employee passwords that are random strings of letters, numbers, and symbols.
6. Macros are Microsoft Office applications which automate routine tasks. However, macros can contain malicious code that can be used to attack vulnerable networks. Make sure macros are disabled in Office if possible.
7. Firewalls are designed to block unauthorized inbound access to computers and networks while permitting outward communication. Installing a firewall at your practice is one of the most effective ways to prevent a cyber attack. For the best firewall for your network configuration, call a managed services company for advice.
8. Many small medical offices lease their copiers and multifunction printers.

This equipment often contains hard drives which are similar to computers, and automatically save a copy of every printed or copied document. As these documents may contain protected health information, medical practices must take steps to destroy the data stored on the devices’ hard drives when the machines are returned. Ask your vendors to work with legal counsel to put contractual assurances in place which will guarantee medical data destruction.

Small medical practices may think that they are not an attractive target for cyber attack, but the numbers tell a different story.

Criminals looking to exploit medical data records assume that smaller enterprises are not properly protected – and are therefore an easy target.

You can take the above steps to protect your practice from cybercrime and attack. For even more ideas, tips and advice on how to best protect and maximize your networks, call Alliance IT. We are here to help with all your Sarasota and Bradenton IT services needs.