Click here to download the transcript.
Disclaimer: The following is an actual transcript. We do our best to make sure the transcript is as accurate as possible, however, it may contain spelling or grammatical errors. We suggest you watch the video while reading the transcript.
Hey everybody. Good morning or good afternoon, whatever it may be for you right now. This is Dr. Perry Barnhill with the Fearless Chiropractor. First, let me give a big thanks to ChiroSecure for sponsoring this. We are going to talk about ransomware today and how it affects your practice. Go to slides, please.
Click here for the best Chiropractic Malpractice Insurance
Again, big thanks to ChiroSecure. Okay, so let’s go here. Ransomware, not if, but when. So we are gonna talk about how you plan for it. How you prepare for it and how you protect yourselves in the case of when it’s probably going to happen at some point. Okay. So myself, Dr. Perry Barnhill, just like I said in the background but always with this Dr.
Julie McLaughlin. Why do we teach hipaa? We understand what it’s like to be chiropractors and also we understand what it’s like to have concerns and even scares about HIPAA and what it is we need to do, what it is. We shouldn’t do and how to protect ourselves and how to hopefully prevent any breaches from happening and to protect ourselves from having to pay any of those scary fines.
Like I said, we’re both chiropractors been out and about for a long time. We both have multiple certifications and compliance and hipaa, so we want to get at the ransomware and talking to you about that and seeing what it’s all about. But let me start with this. I wanna start with a story. It’s actually a true story and it’s actually.
Get a Quick Quote and See What You Can Save
A true event, so I’m just gonna go over this with you. It was approaching midnight on Sunday at the head of it at a Florida hospital, and they had a problem. So the emergency room had their a hundred bed facility. They called to report that they couldn’t connect to the charting system that the doctors used to look up patients’ medical histories.
So the Florida Hospital IT director soon realized that the charting software, which was maintained by an outside vendor, which many of ours are, as well as chiropractors and have in our offices, it was infected with ransomware and that he didn’t have much time to keep the virus from spreading the computer virus.
So the hospital shut down the computer system on his advice. And he said if we hadn’t stopped it, it would’ve probably spread meaning the virus throughout the entire hospital. And the IT director said, hospital staff ditched the electronic records and reverted to pen and paper to keep the hospital running and organized so that the patient care wasn’t disrupted.
Now, why do I bring you this story? Yes, I know it’s a hospital, but these things happen in chiropractic clinics as well, and they happen way more often than we think. Viruses get into computers, it affects things, and it could potentially be a massive disaster. So what is ransomware? Or at least what do most of us think ransomware is?
It is an extortion software and it can lock your computer and then demand a ransom for its release, meaning a re a release of all the information that you have in your computer regarding patient files. So in simple terms, the malware gains access to the device. And depending on the type of ransomware, either the entire operating system or indi individual file files are encrypted and then a ransom is demanded from you or from your office.
This is bad news. We don’t want to end up here. So just some real quick facts here. These things seriously affect businesses. We know that we hear about ’em all the time, but in our world, in our chiropractic clinics. It can cause devastation. These malicious actors, they getting more sophisticated with their tactics, even pressing victims for payment to stop the release of stolen data.
And the amount of cost it is just it’s insanity and it’s actually getting worse. So let’s do this, let’s just go through a quick little quiz here to bring some more awareness to this. Is this true or false? According to an IBM report of 2022, the frequency of ransom breaches. Has increased from previous years.
I think I already answered that question for you, but anyways, think about that for a second. Yes, of course. True. 7.8% of breaches in 2021 increased to 11% in 2022, and it’s increasing as we speak. Here’s another thing. The impacts of ransom of a ransomware attack, it can be cripply, crippling. It includes monetary, permanent closures, especially smaller organizations.
And what happens is these files can be deleted from our offices, from our computers, like our soap notes, our patient’s histories, everything that’s associated with that file. Financial records and patient procedures and testing can be canceled ’cause it literally could shut down or at least potentially shut down your office.
What can we, or what can we as individuals do to help prevent these things from happening? A participate in com and complete any required training. Ensure your network security is in place. Have your IT administrator contact information easily and accessibly, or all of the above. I think most of you probably chose all the above answer Ds.
So each of us, everybody in our office, not just us as the doctors, but even the staff. Play a critical role in patient care and safety. Now remember, cyber safety is patient safety, and together we can protect our practices and that’s the big thing, protecting our practices. Yes, we wanna protect our patient health information.
Definitely we wanna do that, but the consequences of not doing so falls on us as the clinic and the doctor’s owners. So the impacts of the providers, like I already said, there’s money impacts, monetary impacts. The impact to our organizations, our clinics, our offices, because guess what? When there’s breaches, depending on how big they are or how big the ransomware is, we may need to report that.
And sometimes, depending on how large that breach is, we may have to report it publicly. Permanent closures, these things shut down hospitals. They shut down clinics. They shut down chiropractic clinics. Loss of deleted files. Could you imagine the nightmare it would be to have to go through and tell everybody, or tell a lot of people their files have been deleted and just all the work that they were involved to get that back if you even could delayed, canceled patient care.
If we’re shut down, we’re shut down. If we can’t access files, it’s a big mess. System shut down, potentially crippling network systems, enforcing manual transactions where possible that’s if we’re lucky. So here’s the thing. A best, the best defense is a good offense. Most ransomware attacks are sent in phishing campaign emails.
We’ve had. Shows on this where we talked about phishing and what it is. So make sure you go back and watch those as well. Stay alert when any email asks you to enter your credentials. Installing updates in your computers in software whenever you’re prompted to do and also, there’s things we have to have in place for the rules and the laws of hipaa, like an incident response plan.
And what that means is do we have plans? Do we have procedures? Just in case something like this happens. And if we don’t, we could get ourselves in some hot water with the HIPAA police as well. Is there training should I be aware of, to understand my practices security policies? Absolutely.
There’s training. We provide that, but you have to provide it to your staff as well and yourself. Do you have emergency contact lists? There’s lists that we need to have to help preserve these things. And if one of these things happened, who do we contact? It needs to be written down. So here’s some resources.
Sometimes people ask, Hey, what are your resources? Our resources come as I call it, right from the horse’s mouth or the HHS, the OCR, the Office of Civil Rights. And remember the Office of Civil Rights. They’re the police of hipaa. If something happens, these are the folks we gotta report to. So you can take a screenshot of this if you want to go check this out.
So what are some next steps? Here’s something you can do. Just a quick HIPAA compliance checklist. It’s real simple. Go through here, click that QR code, download the list. You should be able to go through this list, literally each and every one of these points and answer the question meaning, yes, we do that.
Yes, we have training. If you don’t do these things. You may think about reaching out to us, or at least somebody. You gotta have this in place for your office, so if you have more questions, you can get ahold of us better HIPAA blueprint.com. You can talk contact myself at Dr. Perry or at Dr.
perry@betterhipaablueprint.com. If you’d like to speak with Dr. Julie, you can reach out to her as well, Dr. julie@betterhipablueprint.com. If you’d like to schedule a demo of the HIPAA program, we have a demo. We’re happy to hop on the phone with you, hop on Zoom with you, and show you this and show you what it’s all about.
Just go to go dot fearless provider.com/demo. Again, I want to thank everybody for attending this short message regarding ransomware. We wanna thank ChiroSecure, and in the meantime, everybody have an amazing day.
Click here for the best Chiropractic Malpractice Insurance
Get a Quick Quote and See What You Can Save