Healthcare is a huge target!

 

By Aris Medical Solutions

 

Things may seem wonderful since a new year is beginning; please don’t forget that many things remain the same.

For instance…
Healthcare is targeted in many ways. Do your employees know how to spot a phishing email or a potential virus? Most phishing expeditions and viruses are delivered right to your inbox! Did you know that nearly 90% of all ransomware attacks were on healthcare? A new report by Check Point software’s researchers states that Ransomware plague earns $2 million, while only 0.3% victims pay up. With this much money that is being made, more and more criminals are creating Ransomware. What would you do if one of your employees clicked on a link and downloaded a virus or your system was encrypted by ransomware?

Today, we are extremely busy and the criminals know this. It is so easy to spoof another company’s logo and create a phishing email or worse; a ransomware infection. What can you do? First and foremost you must continually educate your staff on what to look for and how to avoid making costly mistakes.

Here are some things to watch out for:

  1. Emails that claim your account has been compromised and you need to call a toll free number immediately. Lookup the number for the company and call them on that number and not the number supplied in the email. If you call the number that is supplied, either you will to talk to a real criminal and they try to get information from you or your credit card number. The other way is you get stuck in a voicemail holding pattern and then your number is programmed in and they call you back and try the same scam.
  2. Emails that claim your package (FEDEx / UPS / USPS) or payment (IRS / Bank / Credit Card) was not delivered, and you need to click on an attachment or a link.Open your browser and go directly to the company’s website, do not click on anything in the email.
  3. Phone call that advises you there is new software upgrade or virus and offers a free scan on your computer. Do not permit anyone access to your computer unless they have been verified by the company they work for and you know who they are.
  4. Fake apps that look like the real stores. Watch for apps that do not have a lot of reviews or bad reviews. Do not click on a link to download an app, go to the app store. Even then be careful, although Apple and Google use algorithms to detect, some have slipped through! Do not give out too much information and try to avoid adding any credit card numbers to apps. Read the permissions on all apps before downloading. If it is asking for more than is needed, do not download even though it sounds like a great app. Many apps contain malware to steal your information. If you connect your portable device to your office network, it can steal information from there as well.

Remember, most scams have a sense of urgency to prevent a negative consequence. Also, as the old saying goes… if it sounds too good to be true, it probably is. Always think before you react!
For more information on how Aris Medical Solutions can help your organization with HIPAA Compliance and Protecting your Data call 877.659.2467 or click here to contact us.

“Protecting Organizations through Partnership, Education, and Support”

About Suze Shaffer

Suze Shaffer is the owner and president of Aris Medical Solutions. She specializes in HIPAA compliance, risk management, and cyber security. She believes that by educating her clients in understanding why and what needs to be done to protect their practice they have a better outcome.

Suze has been instrumental in helping clients nationwide with risk management, implementing privacy and security rule policies and procedures, and ultimately protecting patient data. She includes state and federal regulatory requirements to ensure clients are protected in all areas.

She has spoken at numerous conferences and functions. She continues to educate organizations how to minimize the risks of data breaches. HIPAA compliance is not an option, it is mandatory for every organization that comes in contact with protected health information to have reasonable and appropriate security measures in place. Unfortunately, most organizations don’t realize they are not compliant until they suffer a data breach or they are faced with an audit or investigation.

Did you know that the Office for Civil Rights (OCR) is the agency that investigates data breaches? Have you seen the heavy fines that have been imposed for non-compliance?

All 50 states now have their own set of privacy laws and the State's Attorney General may also investigate privacy violations!

Share This HIPAA Blog

It’s not just HIPAA, think about the FTC!

November 15, 2016

Background Check Requirements

February 16, 2017
©2024 Aris Medical Solutions – HIPAA Risk Management | HIPAA Compliance Consultants | All Rights Reserved | Terms and Conditions | Privacy Policy
The content and images on this website is owned by Aris Medical Solutions and their owners. Do not copy any content or images without our consent.
Powered by Bandwise LLC