Has your firm ever taken on a medical malpractice case? Maybe you’ve dealt with an auto injury case or an insurance claim. If so, then you have probably had to store protected health information (PHI) on your servers before.
This can make your law firm subject to the regulations laid out in the Health Insurance Portability and Accountability Act (HIPAA) and Omnibus Rule and the Health Information Technology for Economic and Clinical Health Act (HITECH). These laws require medical facilities and business associates to take certain security measures to protect patient medical records. Failure to comply could open your firm up to fines and lawsuits. So, it’s a good idea to do everything you can to ensure your firm has strong data security.
Consulting firm Accenture found that 1 in 4 healthcare consumers had their personal information stolen in data breaches. For patients, such thefts can sometimes result in an average loss of $2,500 in out-of-pocket expenses. Avoiding messes like this is why healthcare facilities are redoubling their cybersecurity efforts. Law firms need to learn from their mistakes too.
One such data breach exposed some 90,000 patient records after a hospital staffer opened an email attachment containing malware. This breach highlights the importance of employee training and learning how to spot security risks. Emails from unfamiliar sources should not be trusted, nor should short links or websites that have too many subdomains.
Training partners, associates and paralegals in this fashion can help increase your system’s security. However, there are many other ways hackers can breach your law firm’s servers. To see what other vulnerabilities your firm may have, inquire about a security audit from the IT professionals at Exactify.IT. We can help keep your security measures compliant with the relevant regulations in your area of practice.