We often hear from small medical providers, such as Chiropractors, Optometrists, and Dentists that they are so small nobody would care about breaking into their network. The truth is that medical information is very valuable to hackers (so much so that organized crime is very involved in medical data theft). A single record is worth over 2 to 3 times more than financial records in the black market and small firms are usually unsecured, which makes them desirable targets.
An article published on February 16, 2017 by the Modern Medicine Network (http://medicaleconomics.modernmedicine.com/medical-economics/news/interconnectivity-more-devices-heighten-security-risk-ehrs) reports that HHS Office of Civil Rights (OCR) has reports of 24 data breaches in January 2017. The breaches affected large and small firms. The article mentions that many providers still do not understand that their electronic medical records software (EHR) is part of a larger ecosystem that needs to be secured. Many providers believe the just putting a firewall will protect them and they neglect to comply with all the other parts of the HIPAA requirements.
Unfortunately, we run into this consistently. If a provider has an “as needed” techie helping them run their technology infrastructure, there is a real danger that large security gaps are not being addressed. This is a huge risk for providers who can be ruled as negligent by HHS OCR if they have not done what is reasonable and appropriate (according to the Auditor).
So what can providers of any size do? Simple, have us come in for an assessment. It is a cost-effective way to identify areas of concern and put together an action plan. We will check for security gaps and provide solutions for your review. The best part is that if you like your current provider, you can keep them!
Luis Delgado is a father, husband, community resource, speaker, and entrepreneur who founded The Critical Update, inc (TCUINC) in 2003. TCUINC is a technology consulting firm that has evolved from basic computer support to affordable technology consulting, network management, outsourced IT and cybersecurity. Our clients come from every industry in Central Texas. Luis is a certified HIPAA professional and is focused on helping business owners create more jobs for Texas families.