Blog

Business Consulting Blog

Veritas Consulting LLC is a full service consulting firm to help your business or medical office prevent security threats.


Phillip Long
Phillip Long
Phillip Long's Blog

Security Breaches Attacking Dentist and General Practice Offices

Security Breaches Attacking Dentist and General Practice Offices

We hear about large corporations and other lucrative medical facilities security breaches and attempts, making smaller offices feeling less vulnerable to those types of threats.   The reality is that any practice regardless of size is vulnerable to ransomware attacks. 

While large corporations like hospitals have beefed up their security efforts and spend millions on the latest and most innovated tools and credentialed IT employees on staff 24/7, cybercriminals are finding the smaller offices a prime target for the information they want. 

Why would a cybercriminal want to attack a small office?

Smaller offices are less likely to notice a threat due to their own inexperience. Dentists and General Practices often have insufficient securities and provisioned IT components in place to prevent these breaches. 

Cybercriminals are taking advantage of your front line. They know that you do not have an internal IT department, so they easily bypass through the gates via your very own staff, and most likely your sweet and innocent receptionist. They use a program called ransomware to deceive an inexperienced eye, take your information, and demand you pay in order to get your information back.

 

How exactly are they going to do this? 

A program called “Ransomware” is a top concern world-wide. It takes very little for a hacker to lock down your information and demand a ransom in order to retrieve your confidential data. The cybercriminal sends a bogus email to your receptionist, or other employee. They open the email and suddenly all of the data on your system is encrypted. The cybercriminal will demand a ransom in order to receive a decryption key. 

Email addresses are sold all of the time. Attackers can purchase email address and send mass emails out to multiple organizations. Whoever opens the email is who they go after. 

The emails aren’t your typical spam email. These cons are finding very clever ways of tricking you that an email is legitimate. They will claim an attachment contains medical results and urgent.  Receptionists are busy. They are trained to get the important medical information and react swiftly to help the medical staff care for their patients in a timely manner. A receptionist untrained in deciphering credibility and legitimacy of emails is the perfect victim. 

What can be done to prevent this from happening? 

1. The first step is proper training of the employees of your organization. Allowing specialist from a reputable company to come in and educate you and your staff about potential threats and what to look out for is the very first thing you should do. 
2. Always have your data backed up frequently. This will allow you to retrieve the most recent data before the attack.
3. If you fall victim to randomware, there are websites available to help unlock your data, but like these deceiving emails, there are deceiving websites as well.

Stay compliant with HIPAA and keep your staff, patients, and yourself safe from the repercussions of preventable threats. 

These threats should be taken seriously no matter the size of your practice, but don’t delay consulting with Veritas about your options. Contact Veritas NOW to protect your practice and your good name! 


Comment (0)



Comments are closed.

Archives

Recent Posts

  • Latest Virus Aggressively Targeting Healthcare Industry in 2017 Posted 7 years ago
    Latest Virus Aggressively Targeting Healthcare Industry in 2017 Amateur hackers are going after hospitals and general practices at record levels using a virus named Philadelphia.  Philadelphia is a part of a ransomware spear phishing campaign geared to be a huge threat your medical facility regardless of size or location.    What is spear phishing?  Spear phishing is the fraudulent practice of sending emails seemingly from a known and trusted sender that will encourage recipients to unknowingly reveal confidential information.   What is Philadelphia?  Philadelphia was designed so that even the least experienced cybercriminal can give it a hack. These program is so slick, that the attack is unrecognizable until it is too late. Simply double clicking an icon will activate JavaScript to download your network. Scary!  Usually, when you hear of a cyberattack at a large hospital corporation, most people would assume this virus was highly advanced and stealthy. Philadelphia is quite the opposite. With the lack of sophistication, hackers find that keeping it simple is an advantage.    How does Philadelphia get on my computer?  Philadelphia, like many other ransomware virus, becomes a threat when a seemingly trusted email is ...
  • Security Breaches Attacking Dentist and General Practice Offices Posted 7 years ago
    Security Breaches Attacking Dentist and General Practice Offices We hear about large corporations and other lucrative medical facilities security breaches and attempts, making smaller offices feeling less vulnerable to those types of threats.   The reality is that any practice regardless of size is vulnerable to ransomware attacks.  While large corporations like hospitals have beefed up their security efforts and spend millions on the latest and most innovated tools and credentialed IT employees on staff 24/7, cybercriminals are finding the smaller offices a prime target for the information they want.  Why would a cybercriminal want to attack a small office? Smaller offices are less likely to notice a threat due to their own inexperience. Dentists and General Practices often have insufficient securities and provisioned IT components in place to prevent these breaches.  Cybercriminals are taking advantage of your front line. They know that you do not have an internal IT department, so they easily bypass through the gates via your very own staff, and most likely your sweet and innocent receptionist. They use a program called ransomware to deceive an inexperienced eye, take your ...
  • Second Largest HIPAA Fine to date is $5.5 Million! Posted 7 years ago
    Second Largest HIPAA Fine to date is $5.5 Million! According to a recent article on tripwire.com, on February 16, 2017, the Office of Civil Rights has issued a cumbersome fine for failure to comply with audit procedures. Memorial Healthcare System, who was fined an astounding $5.5 million, failed to meet the terms by disregarding of review, modification, and even the termination of users’ access.    By avoiding these terms with, what could have been, avoidable HIPAA violations, more than 100,000 patients had their records impermissibly disclosed!   MHS settled their agreement with a substantial corrective action plan and landed the second largest fine to any entity. The largest fine was came just a few months ago in August 2016 at a whopping $5.55 million!  What you should know about MHS • 4th largest public healthcare system in the United States of America • Participant in OHCA (Organized Health Care Arrangement) with a network of physicians’ offices What is OHCA?  The Organized Health Care Arrangement allows covered entities from affiliated offices to access EHR records. This arrangement allows cross serving for patients where employees of the physician’s office to ...
Read More »