4 ways to protect your patients and practice from cyberattacks

Patient health and financial information has become the latest target for cybercriminals as data breaches continue to afflict the health care industry's relatively lax cybersecurity measures.

According to a Feb. 13 NBC News report, health-care-record hacking rose 11,000% last year alone.

Data breaches can be financially devastating. The Health Insurance Portability and Accountability Act (HIPAA) requires doctors to notify patients when their data has been compromised—a process that can cost $30 per record, according to Kevin Johnson, senior vice president of Lockton Affinity, an AOAExcel^® endorsed business partner. For practices with thousands of records, complying with the law can be financially onerous.

To protect patient data and your practice from cyberattacks, follow these recommendations:

• Ensure electronic patient information is encrypted. Basic passwords won't cut it when it comes to hi-tech hackers, so activate the encryption program that most electronic health record (EHR) systems already offer.
• Perform a risk analysis to evaluate potential for cyberattack. Not all software is created equal—as doctors investigating EHR vendors can attest—and older model computer operating systems (OS) might not be HIPAA compliant any longer due to end of support.
• Add peace of mind with cyberliability insurance. Protect business functions online, including operating the practice website and storing confidential patient records with cyberliability insurance available from AOAExcel.
• Review the HIPAA Privacy and Security Rules. Doctors of optometry who transmit information in an electronic format, such as a claim to Medicare or other payers, are considered covered entities under HIPAA and should be aware of the HIPAA Privacy and Security Rules.