Cybercriminals are working harder than ever – so stay prepared to keep your practice’s computer systems protected. Here are some tips to help you do so.
In 2020, the FBI Cyber Division issued a warning that any computers running on Windows 7 are vulnerable to cyberattacks. If you’ve not updated your system to at least Windows 10, it’s time to make it a priority.
If you operate a PC (rather than an Apple device) and aren’t sure what version of Windows you are running, the easiest way to find out is to click the magnifying glass icon on the lower left side of your screen and type in “Windows version.” This should provide a system summary, which includes the version. For details about how to upgrade to Windows 10, check out the Windows 10 page on the Microsoft website.
Performing regular Windows updates is important for security. To do so, click the magnifying glass icon and type “Check for Updates.” Check at least once a month to see if any new security updates have been released.
Encryption: A “key” piece
Having Windows 10 or 11 installed on your laptop or computer also assists with encryption, which converts patient information into code in order to protect it. Encrypting the devices you and your staff use for work helps facilitate regulatory compliance. This is especially true for laptops, smartphones, and other mobile devices. Find additional information about how encryption mitigates the effects of lost or stolen devices on the Texas Medical Association's website.
On Windows 10 or higher, Microsoft offers the built-in encryption tool called BitLocker on its Professional version. You can confirm whether your computer has encryption enabled by clicking the magnifying glass icon, then typing in and choosing BitLocker. If you have the Home version, you can upgrade to the Professional version for a relatively small fee. BitLocker requires creating a second password, or “key,” to unlock the encrypted data, and it creates a recovery key in case something happens to your original key or installation. The BitLocker password and recovery key should not be stored with the laptop. Other free and paid solutions exist if you can’t or don’t want to use BitLocker.
Apple devices running Mac OS X and macOS purchased in approximately the past 15 years include a feature called FileVault that will encrypt the entire system. To enable it, open your Mac preferences, select Security and Privacy, and turn on the FileVault encryption. It also requires a decryption password, so be sure to store your password somewhere safe in case you forget it.
Remember: Don’t store your encryption password/recovery key on the computer you’re encrypting. Otherwise, you won’t be able to access the password if you forget it.
Backups and other notes
It’s important to back up your data, keep multiple backup points, and test your backups to make sure they can be restored. It’s also recommended that your backups be disconnected from the internet. If your systems do get infected, some ransomware will also infect your backups if it can locate them.
Don’t forget about your internet routers, which are also vulnerable. Many routers update themselves automatically, but only if you enable the feature. Check your router manufacturer’s website to get details about security features.
Additionally, the American Medical Association recently updated its physician cybersecurity guidance, which provides useful information and tips to ensure you keep patient health information secure.
If you have other questions, contact the TMA Knowledge Center at (800) 880-7955 or visit the Ransomware and Cyber Security Resource Center on the TMA website.