As more of our lives and work move online, cybersecurity becomes ever more important. It’s a particularly pressing concern for our HealthyPractice members, given the sensitivity of the records they hold about their patients.
That’s why MAS is proud to support Cyber Smart Week (14-18 October) – an initiative organised by the New Zealand Government’s cybersecurity agency CERT NZ.
Cyber threats have been around for decades but they’re increasing in frequency and impact. In Q2 of 2019, CERT NZ received reports of almost 1,200 cyber incidents – a 21% increase on Q1 2019. Of those 1,200 incidents, 59% of the reports related to incidents targeting individuals.
The most common incident reported was some sort of scam or fraud, followed by phishing and credential harvesting attacks, with unauthorised access incidents coming in third.
It can be difficult to quantify the full impact of these incidents, but CERT NZ believes they caused around $6.5m in direct financial loss in Q2 2019, up from $2.2m in the same period last year.
Cyber Smart Week is a great time to check your online security and make sure you’re taking some simple steps to keep yourself and your patients’ records safe.
Change your passwords regularly
Put simply, you need strong passwords and you need to change them regularly. It might be convenient to use “password” for everything but you’re putting your patients’ information at severe risk. You should aim to change your passwords every few months, and it’s a good idea to use a combination of letters, numbers, and symbols in your password. As far as remembering your passwords, there are various password managers that will help you keep track of everything.
Make sure you stay on top of all the relevant software updates
The next job is to make sure your IT system is fully supported and that you keep up-to-date with any software updates that are issued. Not only do those updates improve the usability of your system, they also contain regular security upgrades to patch any flaws.
Use two-factor authentication
Two factor authentication (2FA) is a way of double-checking someone is who they say they are when they try to login to a system. So, as well as providing their username and password, they will often be asked to enter a special code that is texted to their phone. You can add 2FA to all sorts of things but it’s essential on systems like email or accounting software and databases holding patients’ records.
Update your default credentials
New IT products generally ship with a set of default credentials – passwords, administrator access rights and so on – to help users get set up. Once this set-up is done, you’re supposed to change these defaults to something unique to you but that doesn’t always happen. So it’s a good idea to check to see what sort of settings your hardware or software has, and if you see any of those defaults still in place, make sure you change them immediately.
These are a few basic tips to get you started but cybersecurity is something you need to take seriously, and it may be worth seeking professional advice, tailored to the needs of your practice.
Cyber threats are always evolving so it’s also something you need to check in on regularly, and make sure your staff receive regular training. For more general information on cybersecurity, check out the resources at www.cert.govt.nz.
If you’re worried about what might happen to your practice if you suffer a cyberattack, you might also want to think about cyber insurance. MAS has partnered with Delta Insurance and Frank Risk Management to provide cyber insurance for practices like yours. This insurance covers things like business interruption, data forensic expenses, IT consultation services, and public relations costs. When you take up this insurance, you also get a free cyber health check, with ongoing regular advice and technical guidance.
If you want to find out more, visit www.frankiemed.nz or call Frank Risk Management on 07 903 5000.
Other recent articles
3 December 2019
This month we thought we would follow up our cybersecurity newsletter with some statistics and a few tips on practice security in general.
5 November 2019
Changes to the Privacy Act are currently making their way through Parliament and are expected to be passed into law before the end of the year. The changes are being made to make sure that the legislation is in line with new technology and the way that businesses now operate.
24 September 2019
Managing mental health issues in the workplace Your staff are your greatest asset and their wellbeing has a major impact on the overall success of your practice. One of the most significant influences on the wellbeing of your staff is their mental health. Fortunately, mental health issues don’t have the stigma they once did and recent initiatives have done a lot to get people thinking about how they can improve their own mental health and help others who may be struggling. So, what can you do in your own workplace to help a staff member who needs support?
Join other practices already using HealthyPractice.Register now