Surviving a Data Breach

According to a recent report from the National Cyber Security Alliance, 71% of all data breaches target small businesses which, of course, includes your dental practice. Data breaches can be an extremely disruptive experience – they interrupt normal daily operations; they can generate unwelcome publicity; and given the possibility of fines and lawsuits, they can also be a huge financial burden.

Most small businesses have a false sense of security in terms of how vulnerable they are to a data breach. The report from the National Cyber Security Alliance compiled the following statistics – do any of these apply to your practice?

Threat Perception:

• 77% say their company is safe from cyber threats
• 66% say they are not concerned with hackers, cyber-criminals, or even employees stealing data
• 47% believe a data breach would have no impact on their business

Security Program Status:

• 87% do not have a formal written security policy
• 59% do not have a security incident response plan for a data breach
• 50% of users still use poor passwords
• 83% do not have a system to require employees to periodically change passwords

Obviously it is important to take every possible step to prevent a data breach from occurring but if the worst should happen – if hackers manage to break into your server and steal vital business, financial, patient and personal records – then you should be aware of the immediate consequences and the actions you should take.

Call Us First

First and foremost, we need to determine what server, or servers, were compromised and to fix the data leak. Next, a containment strategy needs to be implemented to ensure that the compromised server cannot infect other servers or devices. Finally, a disk image of the infected server should be created and preserved in case of a future lawsuit.