Cybersecurity breaches and ransomware attacks are increasingly common in ophthalmic practices. Learn how to protect your practice and PHI with these resources.
Articles and Videos From the Academy
- Cybersecurity: Your Exposure Risks, Example Scenarios to Consider, and Best Practices to Guard You and Your Practice, summary from the 2019 Mid-Year Forum
- Protecting Your Practice From Ransomware and Other Cyberthreats, summary from the 2017 Mid-Year Forum
- Ransomware 101—Hackers Are Trying to Take Your Practice Data Hostage, Leslie Burling-Phillips, Contributing Writer, interviewing Janet A. Betchkal, MD, Jeffery Daigrepont, EFMP, CMPE, and Ravi D. Goel, MD
- Cybersecurity 101: Protecting Your Medical Records, video of Ravi D. Goel, MD
Jeffery Daigrepont, senior vice president of the Coker Group, offers these essential cybersecurity tips.
Tip: Phishing Attacks: Don’t Get Hooked!
Phishing attacks use email or unsafe websites to collect personal and financial information or to infect your computer with destructive software. Watch out for these common phishing clues, and don’t get hooked. Be wary if a message or website does any of the following:
- Asks for your password for “security purposes”
- Uses fake links that look real but take you somewhere else when you click them (Tip: Hover over the link with your mouse to display the actual address.)
- Misspells words and uses weird grammar
- Misspells website addresses
- Pushes you to respond urgently
Tip: Protect Your Portable Devices
- Lock your device with a PIN or a password.
- Only install applications (software) from trusted sources.
- Keep your devices with you at all times when working.
- Back up your files in the cloud (remote services that can be accessed online) or on a portable device.
Tip: Phishing, Vishing and SMiShing
Many types of fraud aim to obtain your confidential information and use it for personal profit and/or gain. The main scams are phishing, vishing and SMiShing.
Voice phishing, or “vishing,” is the act of using social engineering over the phone to gain access to private personal and financial information from the public for the purpose of financial reward. SMiShing, short for “SMS phishing,” refers to attacks where users are tricked into downloading a software virus – called a Trojan horse – or other malware onto their cell phones or other mobile devices.
- Assume you have something cyber criminals want.
- You don’t need millions of dollars in the bank to become the victim of cybercrime.
- Cybercriminals can attack anyone.
- Cybercriminals may also get personal data from weak systems to use for identity theft and fraud.
- No legitimate company will ever ask for your password in an email or on the phone.
Tip: Protecting Yourself From Fake Antivirus Apps
Threats can come from fake antivirus software, a form of malware that imitates authentic software in order to steal information from users. It's important to safeguard your computer from virus infections and to be able to recognize when an infection has happened.
- Be careful when visiting websites or opening attachments from senders you don’t recognize.
- Never click on a link in a popup window.
- Keep software patched and current. Download security updates as soon as you get them.
- Run antivirus scans regularly.
- Monitor your credit cards for unauthorized use and activity.