In most places where we provide personal information, our PII is not remotely secure in any way, shape or form. According to recently released figures, the U.S. Federal Trade Commission (FTC) said he received more than 5.88 million fraud reports in 2021.
SANTA ANA, Calif. (Issuewire.com) January 11, 2023 – We live in a world almost completely dominated by technology, and we’ve grown accustomed to using it in every aspect of our lives, at home and at work. However, there is currently a very serious technical issue that no one is talking about and it is related to personally identifiable information (PII). “The bottom line is that in most places we provide personal information, our PII of him is not secure in any shape or form.” Alvand of him, CEO of intSignal Mr K said:
According to recently released figures, the U.S. Federal Trade Commission (FTC) will receive more than 5.88 million fraud reports in 2021, up 19% from the previous year. Reported related economic losses exceed $6.1 billion, an increase of more than 77% compared to 2020. These numbers are astronomical and not enough steps have been taken to rectify the problem.
Many offices and businesses do not have adequate protection in place. For example, take a standard dental office or clinic. Most of these offices are unaware of basic ePHI protection requirements. This is because they are not trained in technology. Moreover, hiring a professional would be incredibly costly and impractical for such small businesses. As a result, they often hire students or people with limited technical knowledge to set up printers and basic IT needs. In fact, most “tech support” company employees are not trained to a very high level, often only trained to perform typical tier 1-2 support tasks. .
Our findings show that most offices use basic antivirus and backup solutions for ‘security’, but this is not enough. Additionally, many use legacy operating systems such as Windows 7, which are now obsolete and have very weak security solutions, most of which have been compromised at least once. These data breaches, often involving ransomware, involved an average of over 1200 ePHIs each time. When I asked how they had dealt with and repaired these compromises, they said they restored the system from backups and installed new antivirus software.
Doctors, dentists, or business owners cannot be blamed for the failure of these systems. This problem stems from a lack of awareness of the level and type of protection needed, as well as the need for affordable access to experts, support, and consulting services. Moreover, this is not specific to clinics as this is just an example. It impacts most other businesses, and it impacts businesses within the tech industry as well.
Without promoting any particular company or product, good basic protection suggests starting with:
- disk encryption
- Good premium antivirus software
- A reputable email server that complies with today’s standards
- Regular updates and a compliant operating system
- Popular password manager
We also recommend using an encrypted storage system with cloud backup. If possible, we recommend using cloud storage sync, which can be accessed securely via the cloud and also retains backups.
To minimize disruption, we recommend that you perform all updates outside of normal operating hours and store everything on separate storage devices rather than separate computers. In addition, we recommend that you always designate a spare computer that you can use daily as a backup in case one fails. Finally, get into the habit of using secure passwords and always use multi-factor authentication (MFA). Preferably via an app or text message rather than email.
By following these low-cost tips and following local and national regulations, you can better protect your patients’ ePHI and your business.
Tag : security risk , personal information , Risk , Risk , technology risk , risk reduction , identity theft , scam