Correctly Respond to a Cyber Attack

As technological advancements increase daily, our dependence on technology continues to positively correlate with this trend. Practices implement technology to streamline administrative tasks, gather patient data, organize and store patient health records, manage finances, and other tasks to maximize overall profitability.  Unfortunately, the recent influx in technology also positively correlates to an increasing concern: the growing number of cybercriminals.
Read more

Protect Yourself from Phishing Scams

Within the past few years, phishing emails have become increasingly difficult to detect. However, recognizing similar characteristics in phishing scams helps avoid becoming the victim. If you answer ‘yes’ to any of the questions below, you may be looking at a potential phishing scam.

Read more

Types of Phishing Scams

Phishing scams typically fall into one of these 5 categories:

1. Deceptive Phishing

Deceptive phishing occurs when scammers impersonate credible companies in order to steal personal information and login credentials. These emails typically create a sense of urgency for victims to rectify a problem with their accounts and prompts the unsuspecting to clink on an external link. These external links often look very similar to the login pages of the company that the scammer is mimicking. Victims then sign in to the scammer’s page, thus surrendering their login information.

2. Spear Phishing

Read more

Tips for Cyber Security in Your Veterinary Practice: PART II

With the risk of a cyber security breach increasing on a daily basis, below are some tips that will help a practice owner maintain the security that they need in order to protect safeguard data.

Plan for the Unexpected

❒ Unless your confidential data is totally disconnected from the internet, you must install a firewall to protect against intrusions from outside sources.

❒ Software firewalls are included with some popular operating systems, providing protection at the installation stage.

❒ Alternatively, separate firewall software is widely available from computer security developers.

❒ Large practices that use a Local Area Network (LAN) should consider a hardware firewall.

❒ A hardware firewall sits between LAN and the Internet, providing centralized management of firewall settings.

Install and Maintain Anti-virus Software

❒ Use an anti-virus product that provides continuously updated protection against viruses, malware, and other code that can attack your computers through web downloads, CDs, email, and flash drives.

❒ Keep anti-virus software up-to-date.

❒ Most anti-virus software automatically generates reminders about these updates, and many are configurable to allow for automated updating.

 
Stuart J. Oberman, Esq. handles a wide range of legal issues for the veterinary profession including employment law, cyber security, practice sales, real estate transactions, lease agreements, OSHA compliance, veterinary board complaints, and entity formation.

For questions or comments regarding this article please call (770) 554-1400 or visit www.obermanlaw.comIf you would like Stuart J. Oberman, Esq. to speak at an event, please contact Katharine Drum, Marketing Coordinator (kath@obermanlaw.com).

Tips for Cyber Security in Your Veterinary Practice: PART I

With the risk of a cyber-security breach increasing on a daily basis, below are some tips that will help a practice owner maintain the security that they need in order to protect patient information.

Use Strong Passwords and Change Them Regularly

Selecting Passwords

Choose a password that is not easily guessed. Below are some examples of strong password characteristics:

❒ At least eight characters in length (the longer the better).

❒ A combination of upper case and lower case letters, one number, and at least one special character, such as a punctuation mark.

Strong passwords should not include personal information, such as:

❒ Birthdate

❒ Names of self, family members, or pets

❒ Social Security Number

❒ Anything that is on your social networking sites or could otherwise be easily discovered by others.

Updating Passwords

Configure your systems so that passwords must be changed on a regular basis.

Resetting Passwords

To discourage staff from writing down their passwords, develop a password reset process to provide quick assistance in case of forgotten passwords. This process could involve:

❒ Allowing two different staff members to be authorized to reset passwords

❒ Selecting a product that has built-in password reset capabilities.

Limit Network Access

❒ Prohibit staff from installing software without prior approval.

❒ When a wireless router is used, set it up to operate only in encrypted mode.

❒ Prohibit casual network access by visitors.

❒ Check to make sure file sharing, instant messaging, and other peer-to-peer applications have not been installed without explicit review and approval.

Control Physical Access

❒ Limit the chances that devices (e.g., laptops, handhelds, desktops, servers, thumb drives, CCs, backup tapes) may be tampered with, lost, or stolen.

❒ Document and enforce policies limiting physical access to devices and information.

❒ Keep machines in locked rooms.

❒ Manage keys to facilities.

❒ Restrict removal of devices from a secure area.

 

 

 

Stuart J. Oberman, Esq. handles a wide range of legal issues for the veterinary profession including employment law, cyber security, practice sales, real estate transactions, lease agreements, OSHA compliance, veterinary board complaints, and entity formation.
For questions or comments regarding this article please call (770) 554-1400 or visit www.obermanlaw.com
If you would like Stuart J. Oberman, Esq. to speak at an event, please contact Katharine Drum, Marketing Coordinator (kath@obermanlaw.com).

Tips for Cyber Security in Your Chiropractic Practice

With the risk of a cyber-security breach increasing on a daily basis, below are some tips that will help a practice owner maintain the security that they need in order to protect patient information.

Establish a Security Culture

❒ Build a security-minded organizational culture so that good habits and practices become automatic.

❒ Conduct information security education and training frequently.

❒ A practice owner should be the security leader in the practice and set a good example in attitude and action.

❒ Instill taking responsibility for information security as one of your practice’s core values.

Protect Mobile Devices

❒ Ensure your mobile devices are equipped with strong authentication and access controls.

❒ Ensure laptops have password protection

❒ Enable password protection on handheld devices (if available). Take extra physical control precautions over the device if password protection is not provided.

❒ Protect wireless transmissions from intrusion.

❒ Do not transmit unencrypted Protected Health Information (PHI) across public networks (e.g., Internet, Wi-Fi).

❒ Where it is absolutely necessary to commit PHI to a mobile device or remove a device from a secure area, encrypt the data.

❒ Do not use mobile devices that cannot support encryption.

❒ Develop and enforce policies specifying the circumstances under which devices may be removed from the facility.

❒ Take extra care to prevent unauthorized view of the PHI displayed on a mobile device.\

 
Hopefully, this information will provide some simple security tips in order to prevent a violation and/or security breach which can devastate a practice.

 

iStock_000015498430Small
Stuart J. Oberman, Esq. handles a wide range of legal issues for the chiropractic profession, including: employment law, cyber security breaches, practice sales, real estate transactions, lease agreements, OSHA compliance, chiropractic board complaints, and professional corporations.

For questions or comments regarding this article  please call (770) 554-1400 or visit www.obermanlaw.com
If you would like Stuart J. Oberman, Esq. to speak at an event, please contact Katharine Drum, Marketing Coordinator (kath@obermanlaw.com).