AUTHOR
No health business is too small to be threatened by cyber security risks or security vulnerabilities exposing them to cyber attacks to start defending against them!
As health care systems transition to fully integrated electronic health records (EHRs) holding and transmitting sensitive personal, health and client information, Allied Health professionals face various new risks to their business, such as internal, external cyber threats, but also from new legislative obligations they must comply with.
Unlike many other businesses, the Allied Health profession is subject to various elements of the Privacy Act and other legislative requirements to protect their client’s information and data. This means Allied Health businesses are at risk of penalties for breaches of this act which could be quite sizeable relative to the business involved.
The Australian Cyber Security Centre has estimated that the cost of remediation for a single cyber security incident is about $40,000 for a small business. Any breach is going to result in a direct impact to the business, either from data theft, through disruption and lost time dealing with the fall-out of the breach and engaging Cyber / IT professionals or law enforcement. Prevention is plainly better than cure.
Given the risks involved, cyber security must be considered as a business strategy and top priority to address for Allied Health providers. Owners can’t pass off the issue to their service providers or as too hard irrespective of the size of their business. Those excuses won’t be acceptable under the Privacy Act.
As technology evolves, so do the cyber security landscape and risks to all businesses. Businesses must vigilantly review, maintain and invest in their cyber defence to protect their business, ensure compliance with legal obligations, and protect their patients, suppliers, and fellow professionals.
As a part of RSM’s holistic view of client servicing, our Health Services Cyber Security Package is a simple, quick, and cost-effective approach to understanding and managing key cyber security risks within health practices and businesses. Covering the key areas of cyber risk: people, process and technology, the package includes a high-level security review, setting up of a user-based policy and associated training, and technology tools to help mitigate ransomware threats.
FOR MORE INFORMATION
Get on the front foot protecting your business from cyber threats. To discuss how your health business can manage cyber security risks, contact your local RSM office.