Cyberattacks are on the rise and hackers have small and medium-sized businesses (SMBs) – businesses like your dental practice – in their crosshairs.
The Verizon 2019 Data Breach Investigations Report reveals that nearly half (43%) of all cybercrimes target SMBs – yet most small business owners are ill-prepared to defend themselves against the threats they’re up against.
In fact, many don’t even realize the true costs of a data breach.
A recent business survey from AppRiver finds that although 79% of SMB executives claim that cyber threats such as ransomware are a top-of-mind concern, most do not truly comprehend the consequences of such attacks.
While 70% of survey participants thought they would lose less than $25,000 in the event of a successful data breach and more than half thought it would be less than $10,000, the true figure is in fact much higher – Kaspersky data puts it at $149,000 on average, Symantec at $188,000 and research from Hiscox at $200,000.
With such huge damages to contend with, it’s no wonder that 60% of SMBs are forced to throw down the shutters within six months of a data disaster – yet 78% of SMB executives believe that their business would survive.
The Mounting Costs of a Data Disaster for HIPAA Covered Entities
Of course, as HIPAA-compliant businesses, dental practitioners have even more reasons to ensure their business is adequately secured against the looming threats of ransomware or other data disasters.
Under HIPAA, it is the responsibility of dentists to employ safeguards that preserve the confidentiality, integrity, and availability of their patients’ PHI, and big fines await those that fail to do so – the Office of Civil Rights (OCR) collected $12.2 million in fines and settlements for HIPAA violations in 2019 alone.
And of course, it’s not just fines that dental practitioners have to worry about – it’s the loss of reputation and bad press, too.
Your patients expect you to be securing their PHI and guarding it against the various threats posed.
If you compromise their personal information, not only will they seek financial restitution through the courts – piling on the costs of the breach – they’ll likely take their business elsewhere and your reputation will be permanently damaged.
And all this on top of having to pay a ransomware demand.
Natural Disaster, System Failures, and Human Error
It’s not just cyber criminals that pose a threat to HIPAA-compliant businesses. There are many other ways in which dental practitioners can experience data loss.
For starters, there are natural disasters. Fire, flooding, earthquakes – all can cause damage to internal systems, resulting in critical business data stored on-site being completely destroyed.
Then there are network and hardware failures. Computer crashes are a fact of life – and a fact of modern business. And when they crash, HIPAA demands that any PHI stored on them is recoverable.
To quote from the legislation, all HIPAA covered entities must “Establish and implement procedures to create and maintain retrievable exact copies of electronic Protected Health Information” (CFR 164.308(7)(ii)(A)). In addition, a disaster recovery plan is required to “restore any loss of data” (CFR 164.308(7)(ii)(B)) in the event of a breach, system outage, or damage to computers/servers where PHI is stored.
Finally, there’s human error to contend with.
A massive 90% of data disasters are caused by human error – such as employees succumbing to a phishing email scam, not using adequate security on their personal devices, accidentally deleting files, or simply spilling a cup of coffee on a computer.
All can lead to data disasters that are difficult and expensive to recover from – which is precisely why a robust data backup and recovery solution is vital for dental practitioners.
Data Disaster Management
The best way to protect your business against cyberattacks and all other forms of data disaster is to employ the “3-2-1” data backup method.
This means having at least three (3) copies of your data, storing two (2) of them on different devices or storage media, with one (1) of them located offsite with a HIPAA-compliant data backup and recovery provider.
Why is this a best practice? Well, onsite backup ensures that you have quick access to data in the event of a minor incident, such as a computer crash.
Offsite backup, meanwhile, provides the powerful protection you need in the face of an onsite natural disaster or cyberattack against your office.
When retrievable exact copies of your PHI and crucial business data are stored offsite in a secure, remote, HIPAA-compliant location, no matter what happens – fire, flood, system outage, or targeted cyberattack – your business is always fully recoverable in a matter of hours.
Full Data Disaster Recovery with Central Data Storage
Every HIPAA-compliant business needs a reliable data backup and recovery solution in place for the simple reason that a data disaster will eventually strike.
As such, an action plan needs to be put in place now so you can always recover your data and your business no matter what happens – for it will be too late once the incident has already occurred.
Central Data Storage offers a fully supported, encrypted, cloud-based, and HIPAA-compliant data backup and recovery solution for dental practitioners.
Our clients never pay a ransomware demand and never have to worry about breaching regulations.
With unlimited storage capacity, automated backups, and beyond military-grade encryption both in transit and at rest in our secure data center, your data is always safe, fully protected, and will always be 100% retrievable.
Learn more about the benefits of our fully supported cloud backup and recovery solution. Call 1-888-907-1227 or email firstname.lastname@example.org.