• MJHLS Brand Logo

© 2021 MJH Life Sciences and Medical Economics. All rights reserved.

8 ways to protect your data from hackers

April 14, 2020
Chris Mazzolini

Chris Mazzolini is the editorial director of Medical Economics

,
Logan Lutton

It’s impossible to guarantee your data will be safe, but there are best practices you can follow to reduce your chance of a hack or breach

Cyber criminals target healthcare organizations-even small practices-because their data contain patient names, birthdates, addresses, social security numbers, credit card numbers, and health insurance information. Whether the hackers use the information themselves or sell it to others on the black market, that’s all that’s needed to steal identities and commit fraud. That’s why healthcare data is more valuable even than credit card records.It’s impossible to guarantee your data will be safe, but there are best practices you can follow to reduce your chance of a hack or breach. Here are 8 ways to protect your practice’s data:

Review current practices and policies
Protecting data is the responsibility of the practice, not the EHR provider or software designer. Identifying vulnerabilities before a hacker does is the goal. Some cyber insurance providers will conduct a safety audit for an additional fee

Protect all devices
Encrypt and password-protect mobile devices, including laptops, tablets, and smartphones. Set policies on who has access to the devices and who can remove them from the office.

Install and update anti-virus software
Keep software and operating systems up to date and patched.

Segregate wi-fi networks
Create separate wi-fi networks for your practice and your patients, using different passwords for each. Unauthorized access is one of leading cause of security incidents every year.

Change passwords regularly
Enforce a workplace policy requiring strong passwords with a mixture of letters, numbers, and symbols.

Limit levels of access to data
Employees should have access only to the information they need to do their jobs.

Train employees
All staff should be taught to protect data and how to identify disguised attacks, such as phishing emails, which are disguised as legitimate communications, but can install malware if opened.

Back up all data regularly
Backups should be kept off site and off network.

PreviousNext