Designed Exclusively for Medical and Dental Offices
Learn How To Fight Ransomware and Never Pay a Ransom.
Reported by KPRC2 in Houston, Texas
Ransomware is Real
Statistics show that a business is hit every 40 seconds by a criminal attack. Your data is under attack by cyber criminals and if you’re not taking the proper precautions your practice, your patient’s information, and your reputation is at risk.
If you are the victim of Ransomware
If your organization is the victim of a ransomware attack, please contact law enforcement immediately. We recommend organizations contact their FBI Field Office Cyber Task Force immediately to report a ransomware event and request assistance. These professionals work with state and local law enforcement and other federal and international partners to pursue cyber criminals globally and to assist victims of cyber – crime. Victims are also encouraged to report cyber incidents to the US-CERT and FBI’s Internet Crime Complaint Center. Contacting the FBI does not mean the practice is required to notify their patients. This is just smart to notify law enforcement.
10 Easy Steps to Fight Ransomware
1) Don’t Click, Download, or Open Emails From Unknown Sources
Email is the #1 way ransomware spreads into your network. Watch out for files attached to emails particularly those with an .exe extension.
2) Use an Encrypted Cloud Data Backup Service
Encryption makes it difficult, if not impossible, for a hacker to decrypt your sensitive information. Also, if you can prove your data was encrypted, a ransomware attack does not have to be reported to your patients or The Department of Health and Human Services. Encrypting your data is critical.
3) Store Multiple sets of Backups
Keeping only one data backup set is not enough. Keep multiple days to prevent rewriting a clean backup set with a dirty one. Multiple backups also allow you to easily restore your data with the most update to date version in the case of a ransomware attack.
4) Automatically Update Operating Systems, Firewalls, and Anti-Virus Software
Malicious software is created every day. Make sure your network is continuously updated with the latest security patches
5) Turn Off Your Computers At Night
When you leave your computers on they are connected to the internet and ripe for intrusion.
6) Keep Your Wireless Network Secure If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted, and hidden.
7) Change Passwords
Make sure your team is not using easily recognized passwords like “Password123” or “Practice Name+Address”. Hackers know the most common passwords. Update them every 6 months and don’t allow your employees to share logins and passwords.
8) Obtain Cyber Insurance
You can take every precaution, but there are no guarantees. Having insurance as a backstop should be a key component of your data security plan.
9) Be Proactive
Don’t wait until a ransomware attack happens. Be proactive and have a plan in place so everyone knows what to do. If you do ever experience an attack, immediately turn off all computers and backup procedures.
10) Engage Your Employees
Be present in the training meeting. Teach your employees to be the eyes and ears of your practice and to help spot suspicious emails and behaviors that can damage your practice and your reputation.
SEE WHAT OUR CLIENTS HAVE TO SAY:
After taking the free online HIPAA Risk Assessment offered by AAOMS, I realized our practice could use help with our information security needs. Our practice signed up with OfficeSafe by PCIHIPAA through AAOMS in August 2016. The staff is so helpful and friendly and I finally feel that our practice is on the right path toward being compliant. OfficeSafe has put together binders along with the online portal to help guide us to our way of compliance. All of the policies are prepared in addition to any forms we may need. Using the online videos for our employee meeting made the employees feel well informed. The stress of not having to worry if we are compliant is so worth it. I highly recommend the PCIHIPAA program to help with your office HIPAA and security obstacles.
Oral Surgery & Implant Specialists Dakota Dunes, South Dakota