by Ray Foxworth, D.C., FICC •
President & Founder, ChiroHealthUSA •
Every chiropractor now accepts that technology provides a competitive edge. Sadly, both hardware and software are under constant attack by cybercriminals. Over 53% of healthcare organizations have experienced a cyberattack in the past year. What’s motivating such a targeted criminal campaign?
The Goldmine of Personally Identifiable Information (PII)
PII is any data that can identify an individual either directly or indirectly such as their Social Security number, financial information, email/phone numbers, or medical history. Hackers can access this information to commit crimes like identity fraud, extortion via ransomware, or selling PII to the highest bidders to formulate phishing scams.
Patient health information commands a higher price on the black market than data from any other industry. It’s the gateway to a potential fortune for cybercriminals, but a disaster for the practices they target. Lawsuits, lost faith, and ruined reputations, litter the landscape wherever chiropractors didn’t make cybersecurity a priority.
Consider the leading chiropractic software platform which was compromised in the UK and saw patient records vanish. A Phoenix chiropractor was taken offline after a single incident. An Oregon chiropractor spent years operating while infected following a cyberattack they never even knew had happened. When it was eventually stopped, the Tillamook Clinic had suffered serious financial and data compromise.
What makes the Tillamook case so compelling is that they weren’t lax with cybersecurity. It was quite the opposite. They had a solid approach and were still breached. This shouldn’t be cause for alarm, however; just a wake-up call for all chiropractors that it takes more than machines to stay safe.
How Your Practice Can Improve Cybersecurity
Comprehensive cybersecurity has as much to do with your practice’s collective attitude, meaning staff and patients, as it does with technological steps. Combine a security-conscious work culture with hardware/software best practices by implementing the top five steps.
- Train Staff and Pre-Warn Patients
The National Institute of Standards and Technology offers workforce resources to develop staff cybersecurity skills. Encourage patients to regularly check for irregularities in their PII or in their financial lives. Provide links to monitor their credit scores and address identity theft.
- Backup and Update Regularly
Make copies of your system files and store them on removable drives or in the cloud. This prevents network access by hackers and allows for quick restoration of lost/corrupted data on the mainframe. Always update programs to their latest versions.
- Be Link-Leery
Never click on links or digital attachments from an address you don’t trust. Even then, confirm in advance if the trusted party really did include a link. Use email etiquette.
- Add Protective Measures
Anti-virus, anti-malware, passwords, firewalls, multi-step authentication, data encryption, and wi-fi security are all vital tools in your fight against cybercrime.
- Stay Informed
Cybersecurity is a constantly evolving sector. Keep your practice in the loop by subscribing to the CISA’s mailing list.
Connect with Us for a Safer Practice
At ChiroHealthUSA, we’re no strangers to risk management. We’re here to help practices and patients thrive. With all the rules and regulations around healthcare today, it can be difficult to see just where your risk may lie. Many of our trusted partners and colleagues offer assistance with keeping your practice safe. A Gap Analysis by ChiroArmor can help you see where you may be deficient. See how they can handle the stress of compliance for you. You have patients to see. Request your free gap analysis today.