
Will Your Employees Get You Hacked?

by Donna Koger, 3.8.18

Apparently, according to cybersecurity experts, there are 5 things your employees are doing that will get you hacked. And you are not alone if you have been remiss in making sure your staff is fully trained on hacking and the dangers it poses to a small business.

Out of 2,000 small business owners surveyed, there was enough data to indicate nearly half are at risk of being hacked because they are not investing enough in cybersecurity. But there are some simple things that can help you avoid the unthinkable – getting hacked – and paying huge fines for exposing your PHI.

First, you need to train your employees to be aware of 5 things:

Being Lazy

Do your employees assume the IT department is taking care of cybersecurity or otherwise don’t believe they have to worry about it? Tell them to think again.

Unprotected Email

Your company can invest in a service that provides email encryption, such as EmailPros, or you can have your employees (or IT department) set up 2-step verification in their email app, such as MS Outlook. There is plenty of information about 2-step verification on the internet. Ask your IT department, or check out these websites: https://support.microsoft.com/en-us/help/12408/microsoft-account-about-two-step-verification and https://www.msoutlook.info/question/773

Clicking on Fake Emails

According to cybersecurity companies, “91 percent of cyber attacks begin with a spear phishing email” (hipaasecurenow.com). These emails can entice employees to click and share information they should not, such as usernames and passwords, with potential hackers. They tend to look authentic, but much of the time, if someone receives one of these phishing emails, checking the email address the message came from can tell you it is not legitimate. This isn’t always the case, so everyone must be extra diligent in examining all unsolicited emails. Phishing scams usually insert ransomware that infects not only computers, but mobile devices and networks.

Lousy Passwords

Can you believe the most common password today is “123456?” How easy do you think it would be to crack that password to gain access to someone’s computer or mobile device? The same password could be used by one individual on many devices or shared with coworkers, family and friends. As entrepreneur.com and other resources say, “Chances are, most of your employees are well-intentioned – but clueless when it comes to cyber protection.”

No Backup

Are there employees in your organization who do not back up their data? With PIMSY, your data is backed up to the cloud regularly, so there isn’t any danger there. However, there may be PHI on employees’ computers or other devices that is not encrypted or backed up. Those files can be hit by ransomware or other nasty viruses that give hackers access to PHI or deny employees access to their files. Of course, if it’s ransomware, you will be required to pay a “ransom” before the files are returned to the owner. By then, it’s probably too late to avoid HIPAA fines for your “hacked” PHI.

Resource:

http://www.hipaasecurenow.com/index.php/how-will-your-employees-get-you-hacked/

Donna Koger is the HIPAA and Security Compliance Director of PIMSY EHR. For more information about electronic solutions for your practice, check out Mental Health Practice Management.