Cyber and Data breaches are one of your biggest threats as a Dentist. Technology and data are fundamental to doing business today and with the digital landscape changing all the time it is difficult to see where the next risk can come from.
As businesses evolve and become more reliant on technology, the risks of suffering a loss related to problems with computer systems, or from holding sensitive customer data, continue to grow. This can lead to lost revenue, a damaged reputation, and legal and regulatory costs, not to mention the associated business disruption of dealing with the inevitable fall-out resulting from a breach.
So far this year there have been over 700 data breaches in the healthcare sector – which is more than any other sector – and with the notification of breaches increasing each and every quarter.
Source: Information Commissioners Office (December 2014)
For years, security professionals have been saying “either you have been data-breached or you just do not know that you have been data-breached.”
Well publicised breaches have happened at GCHQ, The Home Depot, Sony, eBay, Booking.com, Dominos – to name just a few and the costs, before fines, on some of these cases have exceeded $100,000,000.
As as a Practitioner you have some of the most sensitive information on individuals available and the protection of these records is imperative. Both external threats and internal errors pose risks and if your network, or data, was compromised your practice could grind to a halt and be subject to huge costs for reparation and possible fines.
This could be down to something as simple as an employee loosing, or worse, stealing your sensitive information or data, a virus in your computer network or even a hacker closing down your website or accessing your records.
If you were to suffer a data breach the costs of fixing the problems caused and business delays would mount up – as well as the time spent negotiating with regulators such as the GDC. Managing the necessary investigations takes time and affected patients could sue for damages. Costs could run into hundreds of thousands.
Any of these breaches could have a huge impact on the reputation of your business. Many individuals we have spoken to believe they have protection in place; however the reality – in most cases – is that cover does not extend to these perils and, worryingly, less than 5% of UK businesses have the correct cover in place.
Some recent examples of claims
- A hacker gained access to customer records (and payment details) via an extranet portal which was intended to allow staff to work from home. In total 1,100,000 records were accessed resulting in a penalty of £150,000 by the ICO (Information Commissioner’s Office).
- A hacker accessed network passwords and threatened to publish sensitive information in the public domain unless a ransom fee was paid.
Data can be found on – but not limited to – computer systems, websites, paper files, flash drives, tablets, ‘phones to name just a view, and that data is not just limited to patients’ personal details but goes as far as CCTV footage which you may have at your practice.
Data breaches, along with taxes and death, are now a fact of life and in 2013 60% of small businesses in the UK suffered some type of security breach.
Thankfully there are insurers and service providers who can assist – not only in assessing the risks to your business and mitigating the exposure – but also ensuring that you have the financial support and advice necessary in the event of a breach.
The team at All Med Pro will be more than pleased to advise you on the threats to your business and be happy to discuss the solutions available.