4 Ways to Vaccinate Your Healthcare Business Against Cyber Attacks
November 09, 2015
Just as diseases infect the body, computer hacks compromise data and put businesses at risk. Here’s what you need to know in order to keep your business safe from cyber-attacks, and how to treat them if they do occur.
Diagnose the problem
In medicine, it always helps to know what you’re up against, and the same goes for protecting your data. Healthcare businesses are about 2.3 times more likely to have a data breach than companies in other industries. In the past ten years, the number of cyber incidents in the healthcare industry has increased more than six-fold.
Breaches are costly and widespread. The median cost of a breach is estimated at $150,000. In 2009, HIPAA began requiring health organizations to notify people when their information was compromised, and since then, 31.4 million people have been affected and $25.1M in fines have been levied.
No company is immune
Many small to medium-sized companies assume that they are not at risk for a cyber-attack. They think that hackers ‘won’t bother’ with a small company, setting their sights on bigger fish. This is simply not true. Over half of cyber incidents in 2014 were perpetrated on companies with under $50M in annual revenue. The big players, those with over $1B in annual revenue, represented just 15% of incidents.
Large companies tend to have more security in place, making them more challenging for hackers to breach. While cyber criminals may glean less data per event from smaller companies, their more lax security makes them ‘low-hanging fruit,’ and more attractive targets.
There are a number of steps you can take to prevent a breach. Make sure all of your employees use secure passwords on any device they use to access your network. This includes smartphones and tablets they may use to log on remotely. Consider implementing multi-factor authentication, which requires two or more passwords when using a mobile device. Ensure that passwords are changed regularly, and information should be encrypted when it is emailed or otherwise transferred from place to place.
Like vaccinating against a communicable disease, it’s critical that everyone in your organization take these steps. If one person doesn’t comply, they’re opening up a way for hackers to get in to your system.
A cyber insurance policy, or an endorsement onto your existing business insurance, can cover the costs of a breach. In addition, a policy may provide access to specialized vendors who will help your company comply with regulations and navigate the proper response process. A speedy and appropriate response to a breach will go a long way towards controlling costs and customer fallout.