Blog

October 9th, 2014

Security_Oct07_AEarlier this year news broke of one of the most widespread and potentially devastating bugs to-date - Heartbleed. While heartbleed was massive and companies are still dealing with the fallout to this day, news has recently broke of an even bigger potential threat: Shellshock. This is a security issue all business owners, managers, and employees should be aware of.

What exactly is Shellshock?

Shellshock is the name applied to a recently uncovered software vulnerability which could be exploited to hack and compromise untold millions of servers and machines around the world. At its heart, the Shellshock vulnerability is based on a program called Bash. This is a Unix-based command program that allows users to type actions that the computer will then execute. It can also read files called scripts that contain detailed instructions.

Bash is run in a text-based window called a shell and is the main command program used by OS X and Unix. If you have a Mac computer and want to see what Bash looks like, simply hit Command (Apple Key) + Spacebar and type in Terminal. In the text-based window that opens in Bash you can enter commands using the Bash language to get your computer to do something e.g., eject a disc, connect to a server, move a file, etc.

The problem with Bash however is that it was recently discovered that by entering a specific line of code '() { :; };)' in a command you could get a system to run any following commands. In other words, when this command is used, Bash will continue to read and execute commands that come after it. This in turn could lead to a hacker being able to gain full, yet unauthorized, access to systems without having to enter a password. If this happens, there is very little you can do about it.

Why is this such a big issue?

To be clear: Shellshock should not directly affect most Windows-based machines, instead it affects machines that use Unix and Unix-based operating systems (including OS X). So why is this so big a deal when the majority of the world uses Windows-based computers? In truth, the majority of end-users will be safe from this exploit. However, the problem lies with bigger machines like Web servers and other devices such as networking devices, and computers that have had a Bash command shell installed.

While most users have Windows-based computers, the servers that support a vast percentage of the Internet and many business systems run Unix. Combine this with the fact that many other devices like home routers, security cameras, Point of Sale systems, etc. run Unix and this is becomes a big deal.

As we stated above, hackers can gain access to systems using Bash. If for example this system happens to be a Web server where important user information is stored, and the hacker is able to use Bash to gain access and then escalate themselves to administrative status, they could steal everything. In turn this could lead to the information being released on to the Web for other hackers to purchase and subsequently use to launch other attacks - even Windows-based systems. Essentially, there are a nearly unlimited number of things a hacker can do once they have access.

If this is not dealt with, or taken seriously, we could see not only increased data breaches but also larger scale breaches. We could also see an increase in website crashes, unavailability, etc.

So what should we do?

Because Shellshock mainly affects back-end systems, there is little the majority of users can do at this time. That being said, there are many Wi-Fi routers and networks out there that do use Unix. Someone with a bit of know-how can gain access to these and execute attacks when an individual with a system using Bash tries to connect to Wi-Fi. So, it is a good idea to refrain from connecting to unsecured networks.

Also, if you haven't installed a Bash command line on your Windows-based machine your systems will probably be safe from this particular exploit. If you do have servers in your business however, or networking devices, it is worthwhile contacting us right away. The developers of Bash have released a partial fix for this problem and we can help upgrade your systems to ensure the patch has been installed properly.

This exploit, while easy to execute, will be incredibly difficult to protect systems from. That's why working with an IT partner like us can really help. Not only do we keep systems up-to-date and secure, we can also ensure that they will not be affected by issues like this. Contact us today to learn how we can help.

Published with permission from TechAdvisory.org. Source.

Topic Security
October 3rd, 2014

HealthcareIT_Oct02_AThe deployment and utilization of electronic medical records (EMRs) is driving a health-care technology revolution as physicians find that their EMRs complement their other systems, enabling the establishment of patient portals, medication tracking, and electronic prescribing among other things.

Physicians are making strides in regard to technology adoption, however, in many cases it’s the result of necessity rather than desire. As the industry moves away from the fee-for-service model, and places more emphasis on quality reporting, physicians have to pay attention to workflows so they can capture data in a timely manner.

What some physicians don’t understand is the benefit of technology to their practices. In addition to giving physicians more time to spend with their patients, it allows them to serve as caretakers of personal health information, and this puts them in a position to be more dominant in accountable care organizations and control relationships with provider partners.

One area in which physicians are behind is ICD-10 conversion. Many who had hoped for the delay, and now that they have it, aren’t moving forward fast enough. Indeed, some industry analysts believe the one-year delay to October 2015 may have actually slowed down the process of conversion.

If you are struggling with the technology in your practice, contact us today. Our wide-variety of services can be tailored to help make technology not only easier to use but also manage. We can also help ensure that your practice is ready for ICD-10 well ahead of the projected deadline.

Published with permission from TechAdvisory.org. Source.

October 3rd, 2014

Genhealth_Oct02_AFor the first time ever, achieving meaningful use depends on patient behavior: Meaningful use Stage 2 requires at least 5 percent of a health-care provider's patients to be engaged in their own care— either through an electronic medical record (EMR) or an online portal.

The push for patient engagement is understandable, if data provided by the Robert Wood Johnson Foundation is accurate. According to the foundation, patients who are not engaged in their own health care can cost 21 percent more than patients who are highly engaged.

But, many health-care providers are worried about the patient engagement requirement, and for good reason: To some extent patient engagement is out of the physician’s control. But it doesn’t have to be, with good communication, both in the office and via electronic followup.

The first step is letting your patients know you have an online portal, which they may not be aware of. According to a survey from Technology Advice, a consulting firm, 40 percent of people who saw a primary-care physician within the last year didn’t even know if the physician offered a portal.

Keep in mind, however, that you may want to do more than create and communicate about a patient portal. By creating a vehicle that connects all stakeholders across the health-care continuum—patients and physicians alike—you truly elevate the patient experience.

If you are looking for help meeting these requirements, contact us today to learn how our systems and experts can support your practice.

Published with permission from TechAdvisory.org. Source.

October 2nd, 2014

Security_Sep29_AWith the ever growing number of security threats faced by businesses around the world, the vast majority of business owners have adopted some form of security measures in an effort to keep their organizations secure. But, how do you know the measures you've implemented are actually keeping your systems safe? Here are five ways you can tell if your security measures aren't sufficient.

1. Open wireless networks

Wireless networks are one of the most common ways businesses allow their employees to get online. With one main Internet line and a couple of wireless routers, you can theoretically have the whole office online. This method of connecting does save money, but there is an inherent security risk with this and that is an unsecure network.

Contrary to popular belief, simply plugging in a wireless router and creating a basic network won't mean you are secure. If you don't set a password on your routers, then anyone within range can connect. Hackers and criminal organizations are known to look for, and then target these networks. With fairly simple tools and a bit of know-how, they can start capturing data that goes in and out of the network, and even attacking the network and computers attached. In other words, unprotected networks are basically open invitations to hackers.

Therefore, you should take steps to ensure that all wireless networks in the office are secured with passwords that are not easy to guess. For example, many Internet Service Providers who install hardware when setting up networks will often just use the company's main phone number as the password to the router. This is too easy to work out, so changing to a password that is a lot more difficult to guess is makes sense.

2. Email is not secure

Admittedly, most companies who have implemented a new email system in the past couple of years will likely be fairly secure. This is especially true if they use cloud-based options, or well-known email systems like Exchange which offer enhanced security and scanning, while using modern email transition methods.

The businesses at risk are those using older systems like POP, or systems that don't encrypt passwords (what are known as 'clear passwords'). If your system doesn't encrypt information like this, anyone with the right tools and a bit of knowledge can capture login information and potentially compromise your systems and data.

If you are using older email systems, it is advisable to upgrade to newer ones, especially if they don't encrypt important information.

3. Mobile devices that aren't secure enough

Mobile devices, like tablets and smartphones, are being used more than ever before in business, and do offer a great way to stay connected and productive while out of the office. The issue with this however is that if you use your tablet or phone to connect to office systems, and don't have security measures in place, you could find networks compromised.

For example, if you have linked your work email to your tablet, but don't have a screen lock enabled and you lose your device anyone who picks it up will have access to your email and potentially sensitive information.

The same goes if you accidentally install a fake app with malware on it. You could find your systems infected. Therefore, you should take steps to ensure that your device is locked with at least a passcode, and you have anti-virus and malware scanners installed and running on a regular basis.

4. Anti-virus scanners that aren't maintained

These days, it is essential that you have anti-virus, malware, and spyware scanners installed on all machines and devices in your company and that you take the time to configure these properly. It could be that scans are scheduled during business hours, or they just aren't updated. If you install these solutions onto your systems, and they start to scan during work time, most employees will just turn the scanner off thus leaving systems wide-open.

The same goes for not properly ensuring that these systems are updated. Updates are important for scanners, because they implement new virus databases that contain newly discovered malware and viruses, and fixes for them.

Therefore, scanners need to be properly installed and maintained if they are going to even stand a chance of keeping systems secure.

5. Lack of firewalls

A firewall is a networking security tool that can be configured to block certain types of network access and data from leaving the network or being accessed from outside of the network. A properly configured firewall is necessary for network security, and while many modems include this, it's often not robust enough for business use.

What you need instead is a firewall that covers the whole network at the point where data enters and exits (usually before the routers). These are business-centric tools that should be installed by an IT partner like us, in order for them to be most effective.

How do I ensure proper business security?

The absolute best way a business can ensure that their systems and networks are secure is to work with an IT partner like us. Our managed services can help ensure that you have proper security measures in place and the systems are set up and managed properly. Tech peace of mind means the focus can be on creating a successful company instead. Contact us today to learn more.
Published with permission from TechAdvisory.org. Source.

Topic Security
October 2nd, 2014

Hardware_Sep29_AComputers and mobile devices might be high tech but they are still exposed to dust and grime and get dirty after a time. While for many a slightly unclean screen is a minor annoyance, neglecting to clean your devices could result in a decrease in longevity and possibly performance too. Once you commit to regularly cleaning your tech equipment it is important that you know how.

Cleaning desktop monitors

The monitor on your desktop is what many people spend the majority of their days in the office looking at. A clean monitor makes it easier to see your desktop more clearly. The best way to clean your monitor is to turn it off first, then take a microfiber cloth (these can be purchased at many optical stores as well as computer stores) and gently rub in a circular motion.

If there are still spots, then dip the cloth in a tiny bit of water - don't spray the water onto the screen - and try cleaning again. It is important that you don't press hard on the screen, as this could damage your monitor's pixels. Also, it is not a good idea to use paper-based products like paper towel or tissue, as they will not only leave residue, but may actually scratch the monitor slightly.

Cleaning mobile screens

Mobile and other touch screens usually will get your fingerprints all over them, making it harder to see what you are looking at. The best way to clean these screens is with a microfiber cloth. For tougher to remove spots you can dip the cloth into a small amount of water and then gently wipe the screen. Don't splash water onto it before cleaning, as water could get inside the device, which will likely void the warranty while potentially ruin internal components.

Some people suggest rubbing alcohol to remove fingerprints and disinfect the device. While this will be ok for some screens, many manufacturers recommend against it because the alcohol can eat away at the protective film on some devices.

If you notice that there is a lot of dust or gunk on the edges of your screen, or even in cracks, you may need to take the device into a mobile shop for further cleaning. Do not open the device yourself as this could void the warranty.

Cleaning your keyboard

Our fingers are touching keyboards almost all day, and after a while you will notice that your keyboard gets a bit grungy, with debris and dirt even between the keys. Before you do start cleaning, be sure to unplug the keyboard, or turn it off if it is wireless. To clean the upper parts of the keys - where your fingers strike the keys - try dipping cotton swabs into rubbing alcohol and then cleaning the keys with a gentle rub.

To clean between keys you will need compressed air which can be purchased at most office supply and computer stores. Spraying in between keys should be enough to get rid of most of the dust and grit.

Cleaning your mouse

Like the keyboard, the mouse can get quite dirty too, with grime from your fingers and dust in general. The best way to clean a mouse is to first unplug it and then use cotton swabs dipped in rubbing alcohol to gently clean it. You should not need to open your mouse and most models are designed to not be opened by users.

Cleaning your laptop's body

If your laptop's body is dirty the most effective way to clean it is to turn it off, unplug it, and clean it with cotton swabs dipped in rubbing alcohol. Some online articles recommend using a Mr Clean Magic Eraser, or similar cleaning tool. While this does work, it acts in the same way as super fine sandpaper, so you have to be careful that you do not end up actually lightly scratching the body.

Cleaning your computer tower

Some people may want to clean their desktop computer's tower. While this is doable by taking a slightly damp microfiber cloth and wiping down the front and side of your tower, we strongly recommend avoiding the back, and certain areas of the front, as there are ports and components that could be easily damaged.

As always, be sure to disconnect the power source and all wires before cleaning, as any water damage could ruin your computer.

Cleaning the inside of your computer

Dust will eventually get into the inside of your computer and could clog up cooling fans, causing them to stop working properly. This can potentially lead to other components overheating. The internal components of your computer are extremely fragile and need to be handled with great care. Do not take the case off of your computer as this usually voids your warranty.

For all of your computer needs our technicians are here to help.

Published with permission from TechAdvisory.org. Source.

Topic Hardware
September 30th, 2014

Web_Sep29_AThe cloud has gone from a theoretical concept to being so commonplace that it's a challenge to find a business that doesn't have at least one cloud service supporting operations. While there is no dearth of cloud solutions, one of the increasingly popular systems is cloud-based ERP. Here we give you an overview of what exactly this is and reveal some great benefits it offers small to medium businesses.

Define: Cloud-based ERP

Enterprise Resource Planning (ERP) is management software, usually offered as a bundle of applications, that aims to help businesses automate data collection, storage, management, and interpretation from various business sources like accounting, inventory, marketing, service delivery, etc.

Using this automation, business owners and managers can get an integrated real-time view of business processes, resources, and commitments. Beyond this, ERP facilitates the flow of information between departments while integrating systems used into one overall platform, thus reducing the chances of disparate data between departments.

Cloud-based ERP solutions are simply a suite of ERP apps that are delivered to users over their Internet connection, usually accessed via a browser. The software usually does not need to be installed on computers and is offered on a per-user, per-month, flat-rate fee.

Companies that have integrated cloud-based ERP solutions have experienced many benefits, five of the most common being:

Increased ERP performance

One issue many businesses come across when they implement an in-house ERP solution is that it can often require a fair amount of computer power in order to function with the highest efficiency. For small businesses this will likely mean investing in separate servers which will need to be set up and maintained. If this is executed poorly, and you could see performance drop.

Cloud-based solutions however only require a steady Internet connection, which many small to medium businesses already have. The resources to host the solution are taken care of by the provider, which means that the systems should perform better than most in-house offerings, regardless of the systems you currently have.

Decreased operating costs

An in-house ERP solution will require hardware to support it, along with knowledgeable staff to install and maintain it. For small to medium businesses, this will likely entail new hires which won't come at a low cost.

Combine this with the fact that you will also need to actually purchase the ERP solution, and the related licenses, and it could add up to a large percentage increase in your overall IT budget.

When you choose a cloud-based ERP, you normally only have to pay a flat-rate monthly fee, which means total cost of implementation will likely be far lower. Beyond this, many providers can also manage the solution, taking care of installing and maintaining the systems. This in turn, will even out your operating costs, and if implemented correctly could even result in an overall decrease in expenses.

Enhanced access to information

Companies that don't have any ERP will likely find that they struggle to find the information they need, when they need it. ERPs can help bring together the relevant information in a more effective manner than say spreadsheets.

Combine this with the fact that cloud-based ERP solutions are accessible via the Internet, and this means you will have access to your information from anywhere you have an Internet connection. This could in-turn increase overall business operations and make accessing information outside of the office far easier.

Increased security

Because of the nature of the information that ERP systems deal with, you are going to want to keep this secure from both outside sources and those in the company who you don't want to have access to it.

When it comes to keeping your data safe from outside sources, most cloud-ERP solutions offer enhanced security measures which makes sure the data is secure moving from your systems to the host servers and when it is at rest.

For internal matters, data security is ensured because of how the system is accessed. You will need to access your ERP systems using an account, with each user usually being assigned their own account. Access can be controlled via central admin panels, and for people who don't need to access, you can simply not give them an account.

Generally speaking, cloud-based ERP systems can offer enhanced security over other options, with many providers taking enhanced measures to ensure that data on their solutions is safe.

Continued support

Like other cloud solutions, cloud-based ERP solutions often offer 24/7 support. Should there be an issue, it can usually be solved quickly. Beyond this, the provider will work to keep all solutions updated. So important updates with security fixes and new features get pushed to all users immediately.

This can increase overall security as hackers have been known to attack systems using older, outdated versions of popular in-house ERP programs. It can also help make your employees more productive because if there is an issue they will be able to contact a provider who will likely be able to fix the problem far faster.

If you are looking to learn more about ERP, or Cloud-based ERP, contact us today to learn more about our solutions and how we can help.

Published with permission from TechAdvisory.org. Source.

Topic Web
September 19th, 2014

Security_Sep15_AData breaches are growing both in number and intensity. While many businesses have turned to cloud apps for better security measures, some experts and businesses worry about the cloud, mentioning that it could see an increased data breach risk. This leads to a collision course between data breaches and cloud usage. But it doesn’t have to end in a fiery crash, as there are steps you can take to prevent a cloud and data security breach.

The cloud opens up some great tech advancements for businesses and is here to stay. However, as with all tech developments, you need to also be aware of any vulnerabilities and security issues as they change and develop at the same time too. If you use the cloud and want to proactively prevent cloud-and-data security breaches then here are five tips to follow:

  1. Know your cloud apps: Get a comprehensive view of the business readiness of apps and which ones render you more or less prone to a breach. Ask yourself these questions: Does an app encrypt data stored on the service? Does it separate your data from that of others so that your data is not exposed when another tenant has a breach? The idea here is to know exactly what each cloud service employed offers and how your company uses them.
  2. Migrate users to high-quality apps: Cloud-switching costs are low, which means that you can always change and choose apps that best suit your needs. If you find ones that don’t fit your criteria, take the time to talk to your vendor or switch; now more than ever you have choices, and the discovery process in step one will help you find out what these are.
  3. Find out where your data is going: Take a look at your data in the cloud. Review uploads, downloads, and data at rest in apps to get a handle on whether you have potential personally-identifiable information (PII), or whether you simply have unencrypted confidential data in or moving to cloud apps. You wouldn’t want cloud-and-data breaches with this critical data.
  4. Look at user activities: It’s important to understand not only what apps you use but also your data in the context of user activity. Ask yourself: From which apps are people sharing content? According to tech news source, VentureBeat, one-fifth of the apps they tracked enable sharing, and these aren’t just cloud storage apps, but range from customer-relationship management to finance and business intelligence. Knowing who’s sharing what and with whom will help you to understand what policies to best employ.
  5. Mitigate risk through granular policy: Start with your business-critical apps and enforce policies that matter to your organization in the context of a breach. For example, block the upload of information covered by certain privacy acts, block the download of PII from HR apps, or temporarily block access to vulnerable apps.
The key to preventing a cloud-and-data security breach lies in careful attention to your cloud applications and user activity. Analyzing your apps and looking into user activities might be time consuming, but the minimization of cloud-and-data security breaches makes this task worthwhile. Looking to learn more about today’s security? Contact us and let us manage and minimize your risks.
Published with permission from TechAdvisory.org. Source.

Topic Security
September 18th, 2014

Productivity_Sep15_AAlmost every employee in every role relies on technology in order to do their job. When technology is working, everything hums along and productivity is solid. The second our technology stops working however, we can find ourselves struggling to even complete the most basic of tasks. The result can be a dramatic drop in overall productivity. The thing is, we know our systems will eventually breakdown. But, do you know what to do when this actually happens?

What to do when your systems stop working

Often, our first reaction when our technology or systems stop working is to either panic, or get angry. Once we are over this, we often feel desperate to get the problem fixed but may be at a loss as to what to do.

When technology does breakdown, here are some recommended steps you should take:

  • In the words of Douglas Adams, "Don't Panic!" - One of the more popular quotes from the immensely successful Hitchhiker's Guide to the Galaxy is "don't panic". This rings true for the vast majority of tech problems. While you may feel like you are facing a big issue at the time, most systems can be fully recovered. This is especially true if you have backup solutions in place.
  • Note what you were doing before the problem occurred - This is an important step, as when something does go wrong, one of the first things tech support will ask you is what you were doing before the problem occurred. The more information that you can give them, the more likely they will be able to solve the problem faster.
  • Ask your colleagues if they are having the same problems - Because so many business systems are networked together, many techs will want to see if problems are localized to your computer or are network wide. Armed with this information, it is far easier to work out the most effective solution.
  • Try turning it off and on again - When faced with many tech problems, you will be asked to turn the system - be it your computer, an app, server, etc. - off and on again. Sometimes the fault lies in the software or short-term memory (RAM) of systems, and turning the system off and on again is enough to fix this.
  • Google it - If an issue persists and it is related to the software on your computer, or a website, try searching the Internet for an answer. If the page doesn't load, you then know the problem is related to the Internet connection. Should the problem be with a cloud service, checking the provider's website or social media feeds is useful to check for post status updates of their systems.
  • Don't rush into a supposed fix - It can be tempting to try out the first supposed fix you come across or someone suggests. The problem is, some 'fixes' can actually end up harming a system even more. For example, you may find suggested fix for a phone that has been dropped into water that says to take the device apart and dry it with a blow dryer. This will damage components, and also void your warranty, which could make the issue even more expensive to deal with. Instead, you should seek the advice of an expert like us.
  • Don't overreact - Have you ever felt so frustrated you have wanted to reach out and smack your computer? While this may make you feel better on one level the reality is that you could make a bad situation worse. When faced with any tech troubles it is best to walk away for a short time so that you can deal with the situation in a calm and collected way.
  • Call your IT partner or IT helpdesk - If the system doesn't work after restarting we strongly recommend stopping there and reaching out to your IT helpdesk or an IT partner like us. We have the experience to investigate the problem, and we can usually come up with an answer and hopefully a fix in a short amount of time.

Preventative steps you should take

While it is inevitable that systems will eventually breakdown, it doesn't mean we are powerless to prevent this from happening, or at least minimizing the potential fallout. One of the easiest preventative measures you can take is to try and take care of your devices and systems. This includes being careful to not physically damage them, while also being sure to watch what you install on your systems, and implementing security standards.

We also strongly recommend working with an IT partner like us. We can help manage your systems and implement measures to keep them working long into the future. Beyond that, we can help monitor systems so that should something start to go wrong, we can begin to implement a fix even before you notice it. And, if something should break down, we can either fix it ourselves or recommend an expert who will be able to help.

Looking for help keeping your systems running and employees productive? Contact us today to learn more about our services and how they are designed to help.

Published with permission from TechAdvisory.org. Source.

Topic Productivity
September 10th, 2014

Office_Sep08_AHave you ever been working with a list in Excel and had to combine more than two cells into a new cell? The seemingly easiest way to do this is to copy the contents from both cells and paste them into the new cell, then edit them for spacing. But, did you know that there is actually a formula called concatenate that you can use to combine contents and display this in new cells?

Using the concatenate formula to combine cells

If, for example, you have a spreadsheet with first names in column A, last names in column B, and want to combine them into column C to display the full name you can do so by:
  1. Clicking on cell C2 (or the row where the information you want to combine is)
  2. Typing =concatenate(
  3. Clicking on cell A2 and then adding a comma (,)
  4. Clicking on cell B2 and closing the formula with a closing bracket
  5. Hitting Enter
You should see the two cells are now combined in cell C2, with the formula for cell C2 reading:

=CONCATENATE(A2,B2).

The problem is, there will be no space inbetween the letters or numbers, so you will need to edit the formula to read:

=CONCATENATE(A2," ",B2)

The double quotations with a space in between them tells Excel to add a space to the cell in between the contents of A2 and B2.

If you have more than two columns you would like to combine, then simply add a comma after each cell. If for example you have three columns (A1, B1, and C1) you would enter the formula:

=CONCATENATE(A1 " ",B1 " ",C1) in column D1.

Combining two cells without concatenate

While concatenate works well, there is actually a shortcut that you can use which involves the ampersand '&':
  1. Click on cell C2 (or the row where the information you want to combine is)
  2. Type =
  3. Click on cell A2 and then type & in the formula.
  4. Click on B2 and hit Enter
You should see the contents of A2 and B2 combined together in C2. If you click on cell C2 and look at the formula, it should read: =A2&B2.

The only problem is, there won't be a space between the content. To add a space, you can edit the formula so that it reads:

=A2&" "&B2

Note the space between the two quotation marks. This tells Excel to add a space between the contents of A2 and B2.

Once you have the base formula on one cell, you can press the small box at the bottom of the cell and drag it down the row so that the other information can be quickly compiled. This makes it much easier than having to copy and paste the content individually. And, If you would like to learn more Excel tips, contact us today. We can save you valuable time and resources.

Published with permission from TechAdvisory.org. Source.

September 5th, 2014

HealthcareIT_Sep03_AAs of June 30, 2014, more than 1,000 data breaches affecting more than 500 patients each have been reported to the Department of Health & Human Services – for a total of roughly 32,000,000 people who have had their privacy compromised. And, according to the annual Redspin Breach Report, published in February of 2014, 7.1 million patient records were breached in 2013, a 137.7% increase over 2012.

And, the threat is getting broader. Once caused primarily by snooping or negligent employees, data breaches are now increasingly caused by cybercriminals who realize the potential financial value of medical records. Case in point: The Chinese hacker attack on the 206-hospital Community Health Systems which resulted in the breach of 4.5 million patient records, the second-largest HIPAA breach ever reported.

No physician practice should consider itself immune. While large hospital systems may be most attractive to hackers, Eric Perakslis, executive director of Harvard Medical School’s Center for Biomedical Informatics, recently wrote in a New England Journal of Medicine article that 72 percent of cyberattacks have been aimed at hospitals, group practices and other provider organizations.

Perakslis recommends an “active learning approach” that involves real-time surveillance of emerging threats – and that includes an intimate knowledge of one’s own network and vigilance at one’s own practice. One of the most effective ways you can do this is to work with a company like ours who can help not only ensure security of your systems but also help teach you and your staff about common security issues.

Published with permission from TechAdvisory.org. Source.