Affordable Cyber Security Tips to Protect Your Practice
Sarah Marlowe | February 26, 2018

Data breaches are expensive, but protecting your practice doesn’t have to be. The heightened value of sensitive patient information makes the healthcare industry an attractive market for hackers. To discourage criminal behavior, and avoid claims of corporate negligence, healthcare providers must invest in strong network security.


The Stakes Couldn’t Be Higher


By law, any party handling Protected Health Information (PHI) is required to secure access to, and usage of, that data. The fees incurred from HIPAA violations will break the bank with costs up to $50,000 per violation. Bad press from civil suits will butcher professional reputations that took years to build.



In the worst cases, practices can be held criminally responsible for breaches. If monetary retribution and public disdain aren’t enough motivation to get you improving your security standards, imagine your new 6X8 foot home, furnished with steel black bars and a dangerous roommate.


Real-life Drama


With over 233 data breaches in 2017, affecting more than 3 million US patient records, it is no surprise that popular medical TV series Grey’s Anatomy, The Night Shift and Chicago Med aired episodes featuring cyber attacks. We often see hyperbole in televised portrayals of current events, especially with regard to medical shows. But for those who know the aneurysm-inducing consequences of HIPAA infringement, the drama is all too real.



“While the requirements of running a HIPAA-compliant environment may at first glance seem onerous,” said Jack Kustanowitz, senior technical advisor at Surgimate, “they amount to a body of sensible and important recommendations for protecting data for which you are legally responsible.”


The good news is that you can help safeguard your practice from the next national data debacle with the following simple and affordable tips:


Stay Up to Date


Software update messages can fire up even the most timid personality. They’re so annoying that the majority of users automatically hit the ‘Remind Me Later’ button and hope to never see the message again. Truth is we should be kinder to software updates, both for our computer’s operating system and virus definition files. They not only smooth over bugs but also enhance security. The more outdated your software is, the easier it is for hackers to crack. These updates are almost always free, keeping costs down while maximizing cybersecurity.



Prepare Your People


Don’t let employee negligence be the reason for a data breach. In the healthcare industry, employers don’t have a choice but to entrust employees with valuable data. Institute protocols for handling PHI and train employees to use best security practices. “Social hacking” is an attempt to gain access by tricking a person with access instead of trying to bypass a technical block, and security training can make employees more wary of more subtle attempts by an outsider to gain access. “You owe it to our patients to protect their personal information by preparing all staff with the proper protocols,” said Yehuda Elitzur, Chief Software Architect and Security Officer at Surgimate.


Encrypt Everything

Get into the habit of encrypting hard drives, and backing them up frequently. If your laptop full of PHI and classified information gets stolen, encryption will be your only saving grace. Full hard-drive encryption is available with FileVault on Mac and BitLocker on Windows, and turning it on may be as simple as checking a box. Encrypt all documents containing patient information before sending them electronically. There are plenty of low-cost file-sharing applications that guarantee a high level of encryption when forwarding confidential data, such as OneHub and ShareFile.



Make Like Fort Knox


The more layers of protection, the harder it is to breach the network. Ensure that all servers and workstations on your network are secured with antivirus and firewall protection. Security software is not as expensive as it used to be, with annual costs per license as low as $30. Investing in a low-end video surveillance system for your servers is money well spent to protect your data and technology.


Ditch the Tricky P@$$w0rdz.


Since the creation of your very first email address, you’ve been taught to use complicated passwords. But as computers and robots have become more sophisticated, our passwords need to be as well. A passphrase, which is a random string of at least 4 words separated by spaces, is easier to remember and offers stronger protection than a hodgepodge like ‘il0veC0dy921!’. According to experts, ‘Grumpy pizza kiosk unicorn’ is the way to go for supreme security. If you need to add a number or unique character, keep it simple.
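The strength of a passphrase like the one above comes from picking the words at random, not from the words themselves. The following is an added example, not part of the original article: it draws words with the operating system's secure random generator and shows how the number of words and the size of the word list set the strength. The function names and the 16-word sample list are assumptions made for illustration.

```python
import math
import secrets

# Constructed sample list (assumption): far too small for real use.
# A real list such as the EFF long diceware list has 7776 words.
SAMPLE_WORDS = [
    "grumpy", "pizza", "kiosk", "unicorn", "marble", "lantern", "walnut",
    "harbor", "velvet", "cactus", "orbit", "pickle", "thunder", "ribbon",
    "mango", "glacier",
]

MIN_WORDS = 4  # the article's floor: "at least 4 words"


def entropy_bits(n_words, list_size):
    """Bits of entropy when each word is drawn uniformly and independently."""
    return n_words * math.log2(list_size)


def words_needed(target_bits, list_size):
    """Smallest word count whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


def generate_passphrase(words, n_words=MIN_WORDS, sep=" "):
    """Build a passphrase with the OS CSPRNG (secrets), never random.random()."""
    if n_words < MIN_WORDS:
        raise ValueError("use at least %d words" % MIN_WORDS)
    if len(set(words)) != len(words):
        raise ValueError("duplicate words lower the real entropy")
    return sep.join(secrets.choice(words) for _ in range(n_words))


if __name__ == "__main__":
    print("sample passphrase:", generate_passphrase(SAMPLE_WORDS))
    print("4 words, 16-word list:   %.1f bits" % entropy_bits(4, 16))
    print("4 words, 7776-word list: %.1f bits" % entropy_bits(4, 7776))
    print("words for 64 bits, 7776-word list:", words_needed(64, 7776))
```

A phrase a person makes up is not covered by this calculation; the figures hold only when software or dice choose every word.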



As Kustanowitz points out: ‘In an environment that demands you build a moat, position sentries, man the turrets, and triple-lock the treasury, a surprising number of would-be fortresses neglect to even lock the front door.’


At Surgimate, we have made data security a priority. Multi-factor authentication is required to access any database containing patient information. All employees undergo HIPAA compliance training and are taught best practices for handling PHI.


Cyber attacks are not going away. Take the proper precautions so you can sleep better at night, in your own bed.

About the author: Sarah Marlowe is a creativity and innovation addict, with a passion for all things food or sports related. When she’s not navigating the world of surgical scheduling, you’ll find her watching the Food Network, college basketball, or the newest Netflix original series.
Published on February 26, 2018. All rights reserved by the author.