As I scan through the emails and tweets about another healthcare facility being hit by the Locky Ransomware email, or thousands of records being stolen from many healthcare facilities, it reminds me of the classic childhood game Duck, Duck, Goose.

In the game, one child goes around in a circle and randomly selects another child and yells out GOOSE! Then, the chase is on to catch the first child before their spot is taken. In many ways, hackers and attackers act in the same manner.

According to this HIPAA Journal article, the healthcare industry accounts for 88% of ransomware attacks. That is frightening and unnerving! All of us have PHI stored somewhere: at our dentist, optometrist, hospital, or personal doctor. Could they be one of the 88%? The GOOSE can be chosen at any time.

So what can you do to protect your data? Here are the top 5 items that you should look at today:

  1. Disk Encryption: This is critical and a requirement for ALL of our clients. I cannot stress enough the need to protect data at rest. If you have Windows 10 Pro, then it’s FREE! If you’re running Windows 7 or Windows 10 Home, the upgrade cost is only $99 — cheaper than a data breach worth millions!
  2. Firewall: Make sure your system’s firewalls are enabled! Take a look in systems preferences on your Mac or Settings on your PC and make sure it’s enabled.
  3. Network Security Firewall: This is hands down, one of the best areas you can invest in. We prefer Cisco Meraki security firewall appliances to handle the job.
  4. Patching: Make sure your PCs and Macs are current on all their patching! Period. It’s not only a best practice but it is a requirement of HIPAA compliance.
  5. Antivirus: Whenever your Windows or Mac is up, it should be running an up-to-date antivirus program. These work in the background blocking not only viruses, but all sorts of malware.

These are just some of the areas you can look at today so YOUR practice does not end up the GOOSE!

3 Common HIPAA Compliance Mistakes