What Are Your Odds—Hacker or Human Error?

According to research by Inc.com, 48% of cyber breaches result from sophisticated hacking, while the remaining 52% are caused by simple human error.  While that may sound like a hopeless situation, let’s take a closer look.

Reducing Human Error

Reduce your odds of a cyber breach by 52% by simply training your team upon hire and annually about cyber security and keep them up to date with periodic refreshers.  In addition, it is vital that you set up and enforce sound policies and procedures about accessing personal email and social media from work computers. The compliance officer or practice owner must hold staff accountable for following those policies.

Reducing Your Chances of Being Hacked

You might be saying, “My staff is already savvy, but how do I protect my practice from a sophisticated hack?” It’s not entirely hopeless.  Bear in mind, a hacker seek to make easy money by stealing or ransoming your data.  Your job is ensure you are not an easy victim—regardless of how sophisticated the hacker is. These hackers primarily exploit known vulnerabilities in computer systems and software. Having a great IT partner who knows and understands the Security Rule’s technical safeguard requirements greatly minimizes the possibility your office will be singled out for hacking because you are “low hanging fruit”.

One necessary element is your knowledge of the laws.  Thomas Gray, an 18th century poet, coined the phrase “ignorance is bliss”. However, ignorance can be very costly financially and reputationally. Knowing what’s legally required is a critical first step. Who is your IT compliance partner when it comes to HIPAA laws and requirements? Are they up to date and knowledgeable? Do they know what to do in case of a breach? Ask these critical questions in order to protect patient information.

In addition, is your HIPAA Compliance Officer up-to-date?  A well-informed Compliance Officer can help reduce human error and hacking.  Consider one of our 3 HIPAA courses whether you want to brush up on your HIPAA knowledge or jump start your compliance role.