More than four of every five US physicians (83%) have experienced some form of cyberattack, according to research from the American Medical Association (AMA) and Accenture. The AMA/Accenture survey results reinforce the fact that small and medium-sized practices — not just big groups and healthcare systems — are now targets of cyber thieves. To see the full report, click here. As the entire healthcare industry continues to move toward interoperability and increased sharing of protected health information across providers, smaller practices and clinics face the same cybersecurity threats as larger health systems. Couple that with the United States having the most data breaches of any country by a large margin and that healthcare jumped to the number one most attacked industry in 2017, and it’s no wonder healthcare providers from every size organization are ramping up their cybersecurity defenses. It is interesting that the 2010 security recommendations from The U.S. Department of Health and Human Service (HHS), through the Office of the National Coordinator for Health Information Technology (ONC) have stood the test of time and remain solid action steps for ambulatory groups to take. We’ve listed the top ten recommendations below. For the complete report, click here. Top ten security practices for small healthcare groups Use strong passwords and change them regularly Install and maintain anti-virus software Use a firewall Control access to protected health information (phi) Control physical access (aka – protect your server’s location) Limit network access Plan for the unexpected Maintain good computer habits Protect mobile devices Establish a security culture One important step your group should take immediately One of the easiest tools to aid in your cybersecurity strategy is creating a legacy data management plan to reduce exposure, secure historical records in a protected archive and maintain access to the records should they be required in the future for eDiscovery or other requests. As practices grow and technology evolves, there often are vulnerable, outdated systems housing protected health information that are essentially sitting ducks for cyberattacks. Considering the cost benefits of consolidating legacy systems and the added security of having less systems at risk, it makes sense to archive as much legacy data as possible into a single, secure archive. We recently presented information at HIMSS18 about the security benefits of archiving. Click here to see the video and download the white paper. Then, connect with our team for more information about how we can help your practice shore up your legacy data and defend against unwanted cyber activity.