How to Protect your Medical Practice from Ransomware

Ransomware Computer

Ransomware has been around for some time but it’s grabbing headlines today for a reason. Healthcare organizations across the country are being targeted by hackers for the valuable data they store. It starts out innocently enough – someone opens an email or clicks on a link by mistake. Within moments, the ransomware is installed on your computer in the background. This piece of software then encrypts all your data and the thieves demand a ransom to give your data back.

What happens if you don’t pay up? You lose all access to your data! Imagine having to run your clinic on paper again. If your practice has gone digital a while ago, you won’t have up to date paper records. You won’t be able to treat patients, find out their diagnosis or prescribe medication. You may not even be able to schedule appointments in the first place.

So what can you do to protect your data from ransomware? Here are some precautions you can take:

Backup, Backup, Backup

Hackers attack healthcare organizations because they know how critical data is when it comes to treating patients. They know you would give anything to have that data back. But the thing is, you have no guarantee that paying up will give you access to your data. For all you know, the password you get could be fake or your data could be copied or deleted before you get it.

Unless you have an up to date backup on hand. If you’re using cloud based software like Dovetail, then you’re already covered. Dovetail backs up all your data safely to the cloud in real time. There is no delay and no mistakes. So even if every single computer in your office is locked, you can log into Dovetail on your tablet/phone and continue working!

If you use on premise software, backups are in your hands. Make sure you backup your data as often as possible. But it’s not enough just to make backups though, make sure your data can be restored as well! You don’t want find out that the backup doesn’t work right when you need it the most.

Train Your Employees

Ransomware usually starts with someone opening suspicious emails, downloading attachments without checking with anti-virus software or clicking on infected website links. Train your staff to spot such suspicious actions and be alert. Don’t open emails from people you don’t know or install software from disreputable sites. They are more likely to carry ransomware. If you don’t give hackers access to your data, they cannot steal it.

Dovetail stores all data and the software itself in the cloud, not on your individual computer. So ransomware doesn’t have a chance since there is nothing to encrypt. However the ransomware can still encrypt other data on your system. So, safe security practices will protect your clinic from ransomware and other types of attacks as well.

Update All Your Software and Hardware

Dovetail is based in the cloud so you always have the latest updates which include security patches. You don’t have to download or install patches everyday. Your EHR is always up to date. But that is only one of several applications on your computer. Make sure that all computing devices –desktops, laptops, phones and tablets – have the latest updates and security patches.

Also make sure that all devices have hardware encryption or at least passwords. Passwords make it more difficult for attackers to get into your system even if they steal a laptop. After all, you can replace a computer more easily than your data.

Most of these steps are simple but the reality is many practices ignore them. Remember that prevention is better than the cure in the world of computing as well!