Dental Practices Face The Growing Threat of Cybercrime
As your dental practice relies more and more on digital systems, the bigger target you are for cybercriminals. Is your practice properly secured?
Technology has changed the healthcare world – both for better and for worse.
Just as technology helps the healthcare industry through the convenience of data storage and access, it also presents serious cybersecurity risks – healthcare organizations make up 33% of all cybercrime incidents across all industries.
To put it simply: the easier it is for you to access Protected Health Information (PHI), the easier it is for cybercriminals to do so as well. Don’t make the mistake of assuming that just because you’re not a major hospital that you aren’t a potential victim – data is data. If you’re an easy target, cybercriminals will find your dental practice.
If you want to take advantage of the benefits that modern healthcare technology has to offer, then you have a responsibility to make sure it’s properly secured against today’s more common cybercrime threats.
Is Cybercrime A Real Threat In The Dental Industry?
If you’re paying attention, you’ll have noticed that cybercrime is getting worse in the healthcare world. The Health and Human Services (HHS) Office for Civil Rights’ monthly report for October found that:
- October saw a 44% increase in cybercrime attacks on healthcare organizations when compared to September
- 52 breaches occurred in October alone
- Over 38 million healthcare records were breached in 2019
Take, for example, the mid-2019 attack when hundreds of dental practices across the US were infected with malware. Over the course of a single weekend, hackers penetrated the target systems, and by the time dental staffs came in for work Monday morning, their patient data was inaccessible.
Instead of targeting the dental practices directly, hackers went after a digital “bottleneck” of sorts – the developers of software that so many practices use, DDS Safe. This medical record retention and backup solution is meant to help practices manage their patient data, but the hackers turned it against them.
The developers (The Digital Dental Records and PerCSoft) were the ones forced to pay the ransom, with their many dental clients putting pressure on them to restore their access to data. As is always the case, paying the ransom didn’t immediately solve the problem – the recovery process has been long and tedious.
Can you afford to be a victim of a similar attack?
How Should You Protect Your Dental Practice?
- Anti-virus & Firewalls: Antivirus software is used in conjunction with a firewall to provide defense against malware, adware, and spyware. Each of these cybercriminal tactics has the potential to do immense damage to internal processes and a company’s reputation. The job of antivirus software is to spot, block, and isolate intrusive, malicious applications so they can’t do damage to your data and legitimate software. Antivirus is installed to protect at the user level, known as endpoint protection, and is designed to detect and block a virus or malware from taking root on a user’s computer, or worse, accessing a network to which the user is connected. Similarly, your firewall is your first line of defense for keeping your patients’ information safe. A firewall is a particular type of solution that maintains the security of your network. It blocks unauthorized users from gaining access to your data. Firewalls are deployed via hardware, software, or a combination of the two.
- Two-Factor Authentication: Two-Factor Authentication is a great way to add an extra layer of protection to the existing system and account logins. By requiring a second piece of information like a randomly-generated numerical code sent by text message, you’re better able to make sure that the person using your employee’s login credentials is actually who they say they are. Biometrics like fingerprints, voice, or even iris scans are also options, as are physical objects like keycards.
- Data Backup: Do you have a data backup policy in place? If not, then you’re vulnerable, right now, to ransomware. Ransomware has quickly become one of the biggest cyber threats to businesses today – remember the Wanna Cry epidemic that infected hundreds of thousands of IT systems in more 150 countries? That was ransomware, and it could happen to you too. Unless that is, you get a data backup solution put in place. If you have you have a data backup solution, then it doesn’t matter if your data has been encrypted. You can just replace it with your backup, simple as that. That’s why you should make a considerable investment in a comprehensive backup data recovery solution so that you can restore your data at a moment’s notice when necessary. Be sure to:
- Back up data on a regular basis (at least daily).
- Inspect your backups to verify that they maintain their integrity.
- Secure your backups and keep them independent from the networks and computers they are backing up.
- Encryption: In layman’s terms, encrypted data is formatted in a secret code that would be meaningless if intercepted. It is one of the most efficient ways to secure a database given that decryption can only occur through a key, which is essentially a “secret password”. In this case, there is a need for updated encryption software to ensure that private information is only accessible through the database program. Encryption technology is a great way to protect important data. By making data unreadable to anyone who isn’t supposed to have access to it, you can secure files stored on your systems, servers, and mobile devices, as well as files sent via email or through file-sharing services.