Cybersecurity pearls for online shopping
Cyber Monday caps many Americans' post-Thanksgiving shopping weekend with some of the best online deals around, but with all those digital transactions occurring, don't forget smart cyber-stewardship.
Last year alone, Cyber Monday accounted for $3.45 billion in sales, going down as the largest-ever e-commerce day in U.S. history. All told, that Black Friday to Cyber Monday weekend accounted for a 15% bump in online sales over 2015, or $12.8 billion. That's a trend not likely to diminish this season, market experts predict, with more people opting to shop using their mobile devices rather than visiting traditional brick-and-mortar stores.
It's this online shopping frenzy that presents an opportunity for cybercrime and a potential nightmare for unaware, unprotected consumers. Given the sensitive nature of data collected by doctors of optometry, and the profession's bout with an ongoing data breach, consider these steps to safeguard yourself and your office systems during this holiday shopping season.
- Be suspicious. Be wary of spam or unsolicited emails that may be attempts at sophisticated spear-phishing scams, encouraging you to click a malicious link that's masquerading as a familiar source. Be skeptical of any attempts to solicit personal, financial or network security information, and verify email or redirect website addresses before automatically clicking on a link.
- Be in control. Personal, financial or network security information that falls into the wrong hands can be costly and hurt your business dearly. If shopping online, use a credit card instead of a debit card, monitor your credit for fraudulent purchases, and check both that the URL is secure and that you're connecting to the proper domain. A URL that begins with "https" indicates the connection to the website is encrypted using an SSL certificate; it does not by itself confirm that the site is the one you meant to visit, which is why checking the domain matters.
- Be mindful of your passwords. Require secure passwords and authentication. Don't use commonly used passwords, such as "123456." The U.S. Federal Trade Commission (FTC) recommends using pass phrases and substituting numbers and characters for letters (an example would be using an ampersand for an "a" or a 3 for an "e"). An example of a pass phrase that would throw off cyberthieves, but would be easy to remember, might be "myfavoritefoodischocolate" but with special characters. Consider using multi-factor authentication as an effective way of preventing "credential stuffing."
- Be wary of your surroundings. While more and more people use mobile devices to do their online holiday shopping, it's important to remember that public Wi-Fi isn't secure. Ensure the connection that you're using is legitimate by verifying the connection's name or IP address.
Although it might seem to go without saying to keep track of your device, in 2014 alone, 2.1 million Americans had smartphones stolen and another 3.1 million lost them altogether. If those devices contain passwords, work email or apps to remotely access the practice's EHR, then a lost device represents a HIPAA Security Rule violation and must be reported.
Read "Danger Data: The (Digital) Threat Within," in the May 2017 edition of AOA Focus.