Are You Cybersecure?
From backing up your security software to encrypting mobile devices, here’s a physician’s guide to keeping your practice safe from virtual or physical threats
Ravi Goel | | Longer Read
At a Glance:
- Ophthalmologists are increasingly dependent on electronic health records, which makes practices vulnerable to cyber threats
- A security risk analysis should be performed by the practice’s key leaders. Practices should assess their relationship with vendors, subcontractors and electronic health record (EHR) companies
- Establishing a secure culture, aimed at protecting both the virtual and physical ways of accessing patient data, is paramount
- Online cyber security modules are helpful to ensure best practices to protect the practice’s network and hardware infrastructure.
Every industry has its “good old days.” In sports, it was the 1920s, when games became the cornerstone of American life. In film, that golden era lasted five decades – from 1929 until the ‘60s. But in medicine? That’s a little more subjective. If you ask me, the “good old days” were during residency and my first years in practice in the early 2000s. Why? Because that was when a physician could find out everything they needed to know about a patient – from their visual acuity to the date of their last visit – on a single piece of paper. Now things are a lot more complicated. The same patient’s electronic health record (EHR) is seven or eight pages long, complete with forms, drop-down boxes and click buttons. There are sections dedicated to everything from dry eye to LASIK – with diagnoses taking even longer to input. A recent study by the American Medical Association (AMA) found that for every hour a doctor spends in clinic with a patient, they spend two hours at home on the EHR (colleagues across medicine refer to this as “pyjama time”). But time – or lack thereof – may not, in fact, be the biggest challenge tied to online record keeping. The under-appreciated and often hidden title belongs to cybersecurity.
Famed investor, T. Boone Pickens, once said his secret to cyber security was a yellow notepad (and thus a pen over a stylus!). In a society dealing with increasing challenges with data and privacy breaches, many believe that the only way to stay safe online is to not be online at all. But that’s not feasible for those of us in healthcare. Electronic health records are an essential part of modern ophthalmology. EHRs have often simplified access to patient information through remote access. With these benefits, EHRs have also made practices vulnerable to cyberattacks, with 83 percent of physicians having experienced some form of online threat (1). Of those, 55 percent were targeted by phishing, 48 percent by viruses or malware and 9 percent by ransomware. As physicians, we know we have to protect our practice and patient information from virtual thieves, too. But where do we start? The first step is knowing what measures you already have in place. You can do that with a security risk analysis.
Enjoy our FREE content!
Log in or register to read this article in full and gain access to The Ophthalmologist’s entire content archive. It’s FREE and always will be!
Login if you already created an account
Or register now - it’s free and always will be!
You will benefit from:
- Unlimited access to ALL articles
- News, interviews & opinions from leading industry experts
- Receive print (and PDF) copies of The Ophthalmologist magazine