Recently the media went crazy over the ransomware cyber-attack on UK hospitals and across Europe. Last year in California and Kentucky hospitals were hit with the same type of attacks, the reason hospitals and medical practices are subject to these attacks more so than other organizations is because healthcare cybercrime is a lucrative business on the dark web. Dell had reported that in July 2013, EMC that hackers at that time were selling documents like Social Security numbers, bank accounts, health insurance credentials and counterfeit documents for $1,000 per each dossier.
As more medical practices turn away from processes that are paper-based, cyber-attacks grow. Hospitals and medical practices need to coordinate all their efforts around the entire information system, protecting all the data, not just what is considered the most important or the top layer. If organizations don’t then a good hacker will find their way in to get to the data they want.
Currently, 50% of cyber-attacks go unnoticed by antivirus software, putting many practices at a higher risk than they realized. The data is usually sold on the dark web which is a part of the web that is hidden and not accessible through your normal everyday web browsers. This allows the users to remain completely anonymous.
Protecting Against Cyber Attacks
A Southern California Controllerknows having organizational policies in place for social media, BYOD (bringing your own device) and employee access to the network can help control being a target for these cyber criminals. Medical practices can take some precautionary measures as well against cyber-attacks with assessments of their networks periodically.
Assessing the current state of readiness and the ability to detect, identify, and protect, from security incidents, puts the organization in a position to attain a level of readiness moving forward. This puts the medical practice in a position of strength.
How do Medical Practices Ensure Cybersecurity?
Determining a medical practices cyber-attack preparedness is more critical than ever before. Every organization, regardless of size, location, and industry, must re-evaluate all areas. Are cyber security risk assessments performed periodically? Is there s security plan in place? Is the correct team with the right knowledge in place? What technologies have been currently deployed to protect the practice’s data?
This is just the beginning. Cyber attackers are more sophisticated in their tactics as our culture becomes more rooted in digital record keeping. If you would like to speak with Southern California Controller regarding your medical practice click here.