Most of the time, a five-day vacation is something to look forward to, but if that vacation is unplanned and filled with anxiety over when you can get back to work, it’s probably not much of a holiday. It becomes a burden; financially, emotionally and even physically on everyone involved.
This is what it feels like when ransomware attacks a practice. Get ready to cancel all of your appointments, damage patient trust and pay HIPAA fines on top of it all.
And no, ransomware isn’t exclusive to big hospital systems. Small to medium medical and dental practices are prime victims because the hackers know that many such practices are more vulnerable to these attacks.
Here’s what you need to know.
Ransomware is a particular type of malware that encrypts all of your patient files so that you can’t access them. The hacker then demands a ransom in exchange for unlocking the data. In some cases, the hackers keep up their side of the deal. In other cases, they take the money and then sell your patients’ information on the black market, turning this into a compliance and regulatory nightmare. As more medical practices have worked to increase security over the past several years to comply with compliance standards like HIPAA in the US or PIPEDA in Canada, dental practices become even more of a target.
According to Sylvia Burwell, secretary, U.S. Department of Health and Human Services, “Cybersecurity is one of the most important challenges we face as a nation…Unlike many cyber threats, ransomware is immediately disruptive to day-to-day business functions and, therefore, your ability to provide high-quality health care.”
According to the Office of Civil Rights (OCR), which is the federal department that enforces HIPAA compliance, around 4000 attacks happen each day. Having proven lucrative for the thieves, these attacks are on the rise.
Hackers have many virtual windows they can climb in through to access your files. Some common methods used are very inconspicuous yet effective like:
In some cases, hackers find clever ways to gain access to computers that aren’t even on the Internet.
The American Dental Association (ADA) reminds dental practices that the OCR has established several steps you can take to protect yourself from these attacks, including:
Any business who would be negatively impacted by having their customer data encrypted is a possible target. As larger practices increase security, smaller entities like dental professionals find themselves a more enticing target. You can take steps to significantly reduce your risk. For more information on keeping your practice safe, follow our blog.
Thanks for helping us upgrade our Macs and get them working exactly as our business needs! Fast, convenient and very knowledgeable! You’re the best!
Alary Technologies has been our IT support team for the past year at the START Clinic for Mood and Anxiety Disorders.Â They have done a excellent job in upgrading our system, organization, and supporting us in technical computer matters.Â Compared to other IT companies we have worked with, Alary Technologies comes on top.Â Ahmed Kufaishi the Managing Director at Alary Technologies is solution focused, knowledgeable and makes an effort to really understand his clientsâ€™ needs.Â It has been a pleasure to work with Ahmed and Alary Technologies.Â I would recommend their services to other companies and clinics.
â€œWe continue to work with Alary Technologies due to the fact that they are quite educated and knowledge based with current upgrades, and their commitment to their customers.â€
Ahmed has been providing our company with expert IT services for close to 3 years. He has guided us through hardware upgrades, server back up procedures and was instrumental in brokering a custom software program that fully automated some key functions in our business. Ahmed has always been thoroughly professional in all his dealings with us and has provided consistent and sound advise for all of our IT requirements. We consider Ahmed and Alary Technologies to be an important partner for our business.
It is refreshing to work with someone who can organize things and describe in plain language. I have a large and growing knowledge base for my work as an architect. I have realized that I canâ€™t do everything, that I do need a team member who can look after this one relatively small by crucial part of my practice.