Whenever I meet a new practice owner that has never had a data or security issue. I hear the same thing time and time again. “We don’t have any valuable data, why would a hacker want to attack us?” The issue is that the hacker isn’t targeting your practice specifically. They are targeting the healthcare profession as a whole. And YES! That includes veterinary practices as well.
According to an article by CNBC; “Cyberattacks now cost companies $200,000 on average, putting many out of business” Over half of the cyber attacks we see everyday occur to small businesses. Only 14% of those businesses are prepared to handle the attack. Ask yourself a couple of questions.
Does your business have fewer than 500 employees?
Does your practice do less than $10 million in revenue each year?
If you answered yes to both of these questions, then you are considered a small business. We are the target of over half of the cyber attacks that take place every day. Now let’s look at another scenario.
Does your practice provide health care services? (Yes, that includes animals)
Does your practice store your client and patient information?
Does your practice name contain the following words ? Hospital, Clinic, Medical, Care or Practice?
Did you answer Yes to the questions above? Congrats you are in the highest statistical category to be attacked by cyber criminals. Here are a couple of staggering statistics. In an article written by the AVMA “Cybercrime a potential liability for clinics”. States that cyberattacks are projected to cost businesses $6 trillion annually by 2021! There’s a reason that hackers go after the health care industry as we whole, including veterinary practices.
Is your practice paper lite or paperless?
Do you collect & store PII (Personally identifiable information)?
Did you answer yes to the questions above? Now you know why hackers target the healthcare industry as a whole. We in the veterinary industry are also about 10 years behind the times when it comes to our IT infrastructure. With aging equipment and a lack of general concern when it comes to cyber security it makes for a perfect target.
Easy Steps you can take to protect your practice
Use a VPN service or your practices VPN while working in public places.
If you travel to VMX, WVC or Fetch make sure to connect to your practice’s VPN or use a quality VPN service like NordVPN while on public wifi. This will make sure that you have a private tunnel that all your communication is sent through. This way a hacker will be unable to ‘sniff’ your traffic.
Do you have staff working from home during COVID19?. Also a good idea to have them connect to your clinic’s VPN before performing any work functions. Hacker’s know that home networks are ripe for the picking. This is the reason for the over 400% increase in attacks since the start of the COVID19 pandemic.
Regularly Check your email account on https://haveibeenpwned.com/
This site keeps a record of all the databases that have been compromised. If your email account shows as compromised. (Which it likely has been) Make sure that you no longer use the same email address and password combination that was used in the compromised site. For Example:
Lets say my email address Sarah@vetclinic.com was the email address I used to log into Adobe. With the password of Password1!. Adobe suffered a massive data breach in October of 2013. I would want to make sure that I do not use sarah@vetclinic.com & Password1! Anywhere else. It’s also a good idea to make sure that your email password has been changed recently.
Staff Training
I saved this one for last as this is the simple task that has the biggest bang for the buck. We can invest millions into our cyber security infrastructure but if we don’t train our staff. We might as well leave the door wide open. You’ve heard the term “We’re all human”. What that essentially means is that we all make mistakes. If we can learn how to avoid those mistakes it will go a long way in protecting our practice. You should have some form of cyber security training at least once per year.