As mentioned in previous posts, the COVID-19 pandemic opened the door for increased cyberattacks of all kinds. With many of our interpersonal communications moving online, hackers and criminals are continuously finding new ways to compromise our cybersecurity, and by extension, access our personal information. This problem goes beyond our personal devices, however, as healthcare-providers are a major target due to the valuable information that is kept on file. With countless breaches, ransomware attacks, and lost data, healthcare providers are turning to off-site backup services to ensure their patient and office data is safeguarded from threats.
Dan Lohrmann wrote an insightful blog post covering the various topics under the umbrella of cybersecurity amidst COVID-19. Lohrmann summarizes that as much of the workforce shifted to a remote, virtual mindset, cyber criminals began taking advantage of the shift while most people remained in an adjustment period. In April 2020, WHO reported a higher number of cyberattacks on the organization’s staff, for example, via email scams. Lohrmann lists the many news articles that connect the vulnerability that the pandemic brought, with the increase in online criminal activity.
While we have largely become used to regularly using virtual means for work, education, and socialization, cyberattacks still pose a massive risk to us.
What does this mean for dentists?
Your dental practice’s information is highly valuable to a hacker. Patient information, financial records, or even staff records can be used for malicious purposes in the wrong hands. While most of your work is done in-person, your computers can be compromised by something as innocent-seeming as an email. To ensure your data is safe from cyberattacks going into the future, ensure your team members are properly trained in cybersecurity. Social engineering, phishing, and vishing are all terms that your front-desk staff should be aware of. In addition to this, it is best practice to review and update this training at least yearly, and when there are staff changes or other major changes in your practice or more often if needed. Cyberattacks evolve as new technologies become implemented, meaning that your team needs to know what to look out for as hackers adjust their tactics.
Another way you can protect your practice’s data is by keeping all computer systems, platforms, and software that your practice uses up to date with the latest versions. We spoke more in-depth on this in a previous blog post, but to summarize, software and system updates patch any insecurities that hackers may have found in between updates. These updates also are ever-improving security measures, so keep cybercriminals at bay by making sure your systems are not out-of-date.
In addition to making sure hackers can’t cause any damage from the start, always have a backup plan in case of the worst possible scenario. If your office lost data, your practice could be significantly impacted for days, maybe even weeks, or even permanently, depending on the type and severity of the attack. Make sure your practice data is regularly backed up, either locally or in a cloud server. All practice data should be backed up, including all patient records, financial information, schedules, etc. Having a backup ready in case your office experiences the worst-case scenario saves you hours of distress in trying to get that data back or dealing with the repercussions if it is lost for good.
In summary, prioritize your practice’s data security by:
- Ensure your staff has up-to-date cybersecurity training regularly.
- Keep your software, computer system, and all platforms up-to-date.
- Back up your practice data regularly – either remotely (such as ABEL RBS, a remote backup service using cloud technology), or locally.