health generic

An expert says your health data is vulnerable to cyber attacks, but there are ways to reduce the risk.

Accessibility regulations make medical offices especially susceptible to skulduggery including ransomware, said Maxim Software Systems CEO Alex Zlatin.

"So when they get hit with something like ransomware, encrypting all of their files and basically keeping them hostage till they pay, it's very risky for an office," said Zlatin.

Unwitting office staff could be tricked into doing the cyber-thieves' bidding.

"They have an email, they think it's from a patient sending them something that looks like a payment, or a question, or, y'know, 'look at this document and can you answer these questions?' They open a Word document that, in turn, executes some malicious code," said Zlatin.

Zlatin said Zlatin says office managers have to train employees to be on the lookout for suspicious emails and attachments, and not to open anything that seems dubious.

Zlatin said to prevent cyber-crooks from holding information hostage with ransomware, all the info should be backed up and stored on a separate server, but that's not all.

"You also have to restore the information from the backup periodically--I recommend once a month--to make sure that the backup is restorable," said Zlatin.

What can you, as a patient, do to protect yourself as much as possible from having your information made public without your permission?

"Ask the office, or the privacy officer of that office, (for) a breakdown of where the information is stored, and what third parties have access to that information," said Zlatin.

Zlatin said the eventual move to more centralized health information databases means patients will have to be even more vigilant.