Cyberthreats are a risk to your practice, but that's not even the worst of it. When we look at the spectrum of possibilities and consider our cost-benefit analysis for making cybersecurity a priority, most of us recognize that "if" your practice gets hacked, then your patient data could be breached. 

The healthcare industry experienced the second-highest increase in cost-per-breach in 2020 - only second to the energy industry. Whether due to an internal attack, a cybersecurity hacker, accidentally publishing information, or something else, patient data privacy and security are of the utmost importance to ensure.

Although it is said that "business is global," there are some nuances to this blanket statement to consider when creating, receiving, maintaining, or transmitting electronic protected health information or electronic health information (PHI) internationally. Before delving into items to consider when business associates (including subcontractors) and PHI are international, it's important to appreciate that both the U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR) and the U.S. Department of Justice (DOJ) have the ability to enforce violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as well as the related Privacy Rule, Security Rule, and Breach Notification Rule.

The first barrier we see is that clinicians, and even office managers, think this is an IT issue and out of their wheelhouse. "Not my job. Somebody else is handling it, right?” I have good news and bad news. The bad news first. Your practice staff, and physicians, are all links in the cyber-risk chain. If you want to keep your practice profitable, it is your job. All of you!

Consensus Cloud Solutions, Inc. (NASDAQ: CCSI), the world's largest provider of digital cloud fax solutions, recently announced the availability of Consensus Conductor, which provides seamless integration technology that supports the latest standards for connectivity while addressing a wide range of interoperability challenges from the simple to the extremely complex.

The Centers for Medicare & Medicaid Services (CMS) has created a series of fact sheets to help explain how HIPAA (Health Insurance Portability and Accountability Act) electronic adopted transactions streamline health care billing through the use of standards and operating rules.

Solo provider and small group physician practices are critical to our nation's health. For this reason, these practices also present a significant risk to the overall healthcare infrastructure.

In recent years, healthcare practices across the country have accelerated their digital transformation efforts to modernize their operations, bake more efficiency into their workflows and processes, and deliver stronger patient experiences.

The healthcare sector continues to be a target of cybercriminals. An area that continues to emerge is ransomware as a service (RaaS)-basically the adoption of a Software as a Service model, which is subscription-based and "enables affiliates to use already-developed ransomware tools to execute ransomware attacks." 

Ransomware attacks increased by 62% worldwide and 158% in North America between 2019 and 2020. The FBI received approximately 2,500 ransomware complaints last year, up 20% from 2019, which identified losses of over $29 million.