Protect Your Data & Patient Privacy

/

Global technological threats are growing. Privacy is breached knowing that anyone can access your information from your smartphone or computer, without even having grab hold of it. The WannaCry hack is a wake-up call for everybody, which should prompt everyone to raise their security levels.

It is important that physicians should be able to protect their patient’s privacy. Cosmetic and aesthetic physicians should take caution most especially considering the nature of their treatments and procedures.

Imagine the the following scenario; you get an email one morning that all of your patient before and after photos have been stole and if you don't pay $20k in Bitcoins by noon, they'll be posted online.

What do you do? Are you going to pay or wait until noon and see if all of your patient's before photos are posted and...

Read More

Medical Spa Phishing?

/

Phishing attacks have become more sophisticated and healthcare providers (especially cosmetic clinics) look like a prime target.

A few weeks after WannaCry’s attack on the NHS in the UK, a new cybercriminal group “The Team” hacked a Lithuanian clinic comprising private photos of their patients. The group demanded a ransom of around €50 to €2000 (approx. US$57 to US$2295), which should be converted to bitcoin. Among the compromised photos are nude photos and national IDs.

What do the WannaCry and “The Team”s hacking entail for everyone else in the globe? In simple terms, better security and privacy. However, it’s not easy to double up on security. You may need to heighten security measures on your devices and may have to change up any protocol concerning saving patient photographs and details.

The table below shows examples of privacy regulation acts in several countries

Heighten Your Practice's Security Measures

Your staff is probably already well informed about HIPAA or your country’s own Privacy Act, the dangers of having data online,  Wi-Fi passwords and such (Er... make sure your Wi-Fi is password protected.), but most attacks are not on the big players, they're a simple email that is sent to a staff member with an attachment or link that contains malware that can give access to a system. Sophisticated attackers simply find out a few emails and sends an email that looks like it's authentic. 

Unfortunately, many people will just click the link.

Example: You get an email that looks like it's from a patient complaining about a reaction with an image/link. Your front desk staff clicks on that link and malware infects your front-desk computer. 

Not somethign you want...

Read More