There are numerous breach causes that you need to make sure you are aware of. Your practice has data stored in different places, and the breach causes are much more than just having to worry about employee’s letting in hackers.
- Backup tapes lost or stolen – if you are still using backup tapes, it’s time to stop. They are unreliable and really, have become a liability. It is much safer and secure to store your data off-site, and could even benefit you by creating a true backup and recovery solution. Get rid of the tapes!
- Desktop computer stolen – proper procedure would be to NOT have any ePHI on the employee’s workstations, but let’s face it. It’s there. It happens in the course of doing your daily work. An employee may download a report, have a drive with images, files, etc. A stolen desktop PC could be a nightmare. Especially if you don’t know exactly how much data is on it.
- Portable device stolen – So you have graduated from backup tapes to backing up on an external hard drive. Dangerous. Make sure the drive is encrypted, and taken off site.
- Server drives missing – If you have a failed hard drive in your server, make sure that drive is destroyed. You don’t want data drives hanging around for anyone to try to revive. Get rid of it.
- Stolen laptop – This is the number one breach in medical practices. Lost or stolen laptop. Don’t let your laptop out of your sight. Don’t leave it in the car or exposed in your office when you are not there. Also, make sure there is an encryption software on it.
Breach causes are much more than worrying about viruses and hackers. The items mentioned above are in YOUR control. You can help avoid these simple breach causes by having a good set of policies and procedures, and adhering to them.
Sheryl Cherico, CEO
Tier3MD provides IT support to medical practices.