According to a study conducted at the University of Maryland, a business breach occurs every 39 seconds, and private practices like yours are a prime target for motivated criminals. What should you do if you become a victim of a breach? We’ve compiled a trustworthy road map to follow without delay.
1. Ask an expert
Before you hit the panic button, you need to be sure you encountered an actual breach. Your first call should be to an expert who can verify whether you had a breach or just a security issue. Many practices have jumped the gun and assumed they’ve encountered a breach when, in fact, they have not. Should it be a confirmed breach … read on.
2. Tell the whole truth and nothing but the truth
Your patients’ private information is already at risk, so it’s best (and legally required) to come clean ASAP. Trying to fly under the radar will only further compromise your practice’s reputation and subject you to a slew of fines and penalties. Disclose the breach to HHS and your state office if applicable. They will need to know what happened, how it happened and how you’re fixing it. If you have an expert HIPAA consultant on hand, this is a great time to consult with them.
3. Strengthen cybersecurity protections
If a breach has occurred, there’s a crack in your armor. It’s time to find a security solution/partner with a strong infrastructure to thwart future intruders, educate your team on safe IT procedures and brush up on easy procedures that make a world of difference:
- Change passwords frequently (every 90 days is excellent).
- Never leave your computers unattended.
- Decline emails & attachments from unknown senders.
4. Conduct annual cybersecurity assessments
A great IT partner will provide you with a cybersecurity assessment to conduct internally each year to confirm your security processes are up to snuff. Aside from being a great practice, annual internal cybersecurity assessments are required for HIPAA compliance.
Regardless of where your practice currently stands, our Onyx Partnership ensures maximized security protocols. From secure data backup to 24/7 proactive monitoring, we’re basically the Secret Service for your practice. Contact us to learn more about how we can help shield your practice from malicious hackers and malware.