• Skip to main content
  • Skip to primary sidebar
  • Home
  • Topics
    • Administrating Excellence
    • Building the Office
    • COVID-19
    • Growing the Practice
    • Leading the Team
    • Making the Clinic Work
    • Medical Students/Residents
    • Using Health IT
  • Allscripts EHR Training Videos
  • Podcast
  • Resources
    • Case Studies
    • Checklists
    • Infographics
    • White Papers
  • Member Area
  • Member Login
  • Register

SBGM

Knowledge to Transform Your Medical Practice

Cybersecurity for Medical Practices

By Paul Cox

Cybersecurity for Medical Practices

Why Does Cybersecurity Matter?

So why should medical practices be worried about cyberattacks? Patient Data! Healthcare organizations are prime targets of cyber attackers because of the importance and value of patient data. Even a small practice with several physicians will have accumulated tens of thousands of patient records over several years of operation. These records include essentially everything about each person: name, address, phone number, email, social security number, insurance information, and personal details of their health conditions. Small practices are just as likely to be attacked. Although the attacker will probably not be state-sponsored attack, it will be an individual in a third world country. All an attacker needs to disrupt your practice is a laptop and an internet connection which will essentially allow them to be anywhere in the world. These individual attackers are looking to make just a few thousand dollars but the damage they will cost practice can easily be several hundred thousand dollars not to mention your company’s reputation with your patients and the community. 

Cyberattacks on healthcare more than doubled in 2020, with ransomware accounting for 28 percent of all attacks. COVID-19 response efforts, including personal protective equipment and the vaccine supply chain were the largest focus of these targeted campaigns, according to the latest IBM X-Force report.

What Do Physicians Need to Know?

Most physician’s knowledge of computer security is the anti-virus program that runs on their computer. While this is a component, managing cybersecurity is a very complex topic which encompass networked computers, cloud-based applications, passwords, staff, training, and establishing processes. A cybersecurity attack can result in everything from identity theft, to extortion attempts, to the loss of important data like patient records, company financial records or reputation. 

Imagine there is an attack on your computer network with a denial of service (DOS) attack. You’ve lost your internet connections, your email, maybe your phone system, fax, and your EHR. Normal operations grind to a halt for your practice. The attacker demands $100,000 to return your network service. What do you do? This example is a realistic scenario that can easily happen to your practice. 

How do I start managing cybersecurity threats for my practice?

While deciding where to start to address cybersecurity threats can be daunting, there are core questions that every physician or practice manager should ask which will lead to the development of a plan for managing cybersecurity.

What cybersecurity software should I use? 

This is more than just simple anti-virus software running on each computer. It needs to be a network solution which encompasses antivirus, anti-malware, firewalls, email security, and Intrusion prevention systems (IPS). While there are companies that offer do-it-yourself solutions (e.g. Avast, Trend Micro, and Semantic), it is better to have an IT professional to install and manage network security applications due to the complexity and constant change.

Do I need a plan for computer passwords? 

Absolutely and Emphatically YES! Passwords are the first line of defense for protecting digital information in your practice. The dangers caused by using simple passwords are very real for a practice. Hackers can and will find ways to install malware and steal patient or financial information. You must have a password policy to ensure consistent and strong passwords for everyone in your practice.

Should I backup the data for my practice? 

There are a lot of ways that data can be lost in a physician practice. Natural disasters, power outages, or employee turnover. Ransomware is continually in the news, with new strains entering businesses in clever new ways to encrypt and demand ransom for the hijacked files or a Denial of Service (DoS) which totally shuts your network down. Making regular and effective data backups is core to your cybersecurity plan. The time and cost to implement data backups is minimal compared to the weeks and months needed to recover from a serious loss.

Answering these questions will lay the foundation for a cybersecurity plan for your physician practice. The next steps will be to implement a detailed cybersecurity plan, checklist, and training for everyone in the practice.

To learn more about Cybersecurity and Using Health Care IT, join us on  Facebook, Twitter, and LinkedIn. 

Print Friendly, PDF & Email
Share the knowledge to transform your practice

Filed Under: Using Health IT, Editors Pick Tagged With: Administering Excellence, Cybersecurity, Practice Manager, Using Health Care IT

Primary Sidebar

Tags

Accounting for Physicians Administering Excellence Administrative Excellence Building the Office Building the Practice Burnout Clinical Trials Compensation COVID-19 Cybersecurity Electronic Health Records embezzlement Emotional Intelligence Finance Growing the Practice health care accounting Health Care Practice Dynamics Health IT Human Resources Improving Outcomes Leading the Team Making Medicine Fun Again Making the Clinic Work Medical Appointment Scheduling medical practice accounting medical practice banking Medical Practice Embezzlement Medical Practice Expenses Medical Practice Finances Medical Practice Revenue Medical Schools Medical Students Patient Education Patient Engagement Phone Tree Practice Manager Prior Authorization Residency Scheduling Scheduling Software Staff Engagement Taxes Using Health Care IT Voice Assistants Voice Technology
JNP Enterprises © 2025 ·
This site uses technologies such as cookies to provide a better user experience by personalizing content and ads, analysing web traffic, trends, and improving site operations. we may share information about your use of the site with third parties in accordance with our Privacy Policy. By continuing to use this site, you agree that we can save cookies on your device, unless you have disabled them. You can change your cookie settings at any time by visiting our Cookie Policy, but parts of our site may not function correctly without them.OkPrivacy policy