When we meet a potential Client, we often pose the question: “If your clinic was subject to a malware attack, a system-wide outage, or a natural disaster, how long can you afford to be without your IT systems?” The answer is inevitably “24 hours or less.”
TRINUS believes in a proactive approach to IT system maintenance and Cyber Security. In addition to system upgrades and effective Cyber Security protection, user education is required to keep staff vigilant in recognizing Cyber Threats. The ongoing cost of effective Cyber Security Countermeasures is small, when compared to the cost of recovering from a Cyber Attack, which often involves completely rebuilding an IT system, paying for lost productivity and staff wages, and irreparable damage to the Clinic’s professional reputation.
Recent reports show an exponential growth in Ransomware Attacks on Medical and Dental clinics. Recently we have worked with some Alberta-based clinics that have been affected by a Ransomware virus. Ransomware can infiltrate clinics in different ways: The most common attack vector is through Phishing emails, which are emails that contain links or attachments infected with Ransomware. Once opened, the virus spreads rapidly to the local computer, and then to other devices and files on the network. It’s not uncommon to see a complete network system infected within a few minutes. Another popular entry-point for Ransomware is remote connections. Many doctors or Clinic Staff access records remotely from home or out-of-office. Many clinics do not employ High-Security Protocols for remote desktop connections, which allows cyber-criminals to gain full system access by cracking a simple, single-factor password. Such was the case last year with a Clinic: Once they gained access through remote desktop, hackers planted Ransomware, which quickly disabled the whole Clinic.
Of paramount importance is protecting patients’ sensitive Health and Personal Information. Once compromised, it’s copied and sold many times over, with no hope of re-establishing its’ confidentiality. Clinics are now required to disclose breaches that affect patients and their confidential information.
Let us protect your clinics and your patients!