A patient's medical history is not something they want shared with the world; it's private and personal. Nor is a patient's medical history something you can legally share. Unless you want to be found guilty of violating HIPAA regulations and have your medical license revoked, keeping a patient's medical history confidential is one of your top priorities as a medical professional.
Now that sensitive patient records are all primarily \filed\" on computer software, the likelihood that your medical practice will suffer a healthcare breach has increased.
While hackers have not stopped targeting financial records, a stolen credit card no longer makes a worthy return on investment. On today's black market, medical records fetch a significantly higher sum than a credit card number. As reported by Reuters, a patient's "medical information is worth 10 times more than [a] credit card number on the black market."
What does this information mean for your medical practice? It's a warning: unless you take the time and put in the effort to safeguard your patients' medical records, you could be held liable for the records' theft and sale.
To protect your patients and your practice, educate yourself on the different ways to spot a cyber intrusion in your network. Here are three ways how:
Everyone has to deal with slow internet. While this initially seems like a commonplace issue, if it's not something you regularly have to deal with, then it's something more serious than turning the router off and on again.
Business News Daily writes that slow internet "could be a sign of a compromised machine that is sending out lots of traffic, or that malware or a virus is on the machine." If this is happening, you will need to contact IT personnel immediately to check out the situation. If it's found that a cybercrime is occurring, attempt to lock out the criminal, shut down the program and contact your cyber insurance company immediately.
Unfamiliar User Account Activity
Only privileged users should have access to confidential patient healthcare data. According to CRN Magazine, if a cybercriminal is able to gain access to your practice's data, they will try to "elevate system privileges or move laterally to users with higher privileges." If there is unusual account activity between users, it's one of two things: a cybercriminal has been able to access user passwords, or, an employee is the acting criminal.
Change all passwords and restrict access. Monitor employee network use and contact your insurance company and IT team to inform them of the situation.
Locked Out of Computer Accounts
Cybercriminals love to lock users out of their accounts. A locked account tells users straightaway that there is something amiss with the account. This is when the cybercriminal will take it upon themselves to alert the user and demand a ransom. As advised in the above paragraphs, contact your cyber insurance company. Your cyber policy will cover the cost of the ransom as well as the repairs or replacements to your equipment. If the cybercriminal was able to steal and sell patient medical history online and your patients took you to court, your policy would cover attorney fees and restitution.
Cyber crooks do what they can to make a buck, all at the cost of your medical practice. Protect your patients and your practice today when you sign up for a cyber insurance plan today with CyberPolicy.