What should you do?
Take cyber security seriously. Get an expert to review and secure your systems. Teach cyber hygiene to doctors, administrators, and staff.
Paul Lucas, chief financial officer of Georgia Retina in Atlanta, sends out an alert email to 13 doctors and over 140 staff members whenever a serious threat appears. Periodic reminders are vital to keep busy staff from forgetting.
Georgia Technical Institute’s cyber-physical systems security expert, Raheem Beyah, PhD, explains, “If we don't educate individuals and we don't do it consistently and regularly in a sort of mandatory fashion, then it doesn't matter about the software—it doesn't matter about the firewalls. None of the stuff matters because folks will click ‘yes’ or click ‘accept’ and then the malware is there.”
However, be careful trying to do this all on your own. John Copeland, PhD, network expert and founder of Lancope, explains that the tools needed “are designed for network experts to use and [not] medical people.”
It is a lot of work for a full-time physician to worry about. Dr. Copeland, whose company was purchased by Cisco Systems for $452 million, continues, “They really need to use the standard security practices, have some sort of firewall, have the hard disc encrypted, and have passwords that are hard to guess. The most important thing is to keep the operating system updated and keep the applications updated because there are continually vulnerabilities being discovered in the operating systems in a number of areas.”
For a list of do’s and don’t’s, visit http://www.analytrix.com/it-security-how-to-keep-your-practice-secure