cybersecurity

Cybersecurity checklist for your office

Ian F

26 Aug 2024 — 1 min read

A cybersecurity checklist for your office

Cybersecurity Checklist for Healthcare Practices

A comprehensive checklist to help healthcare providers maintain robust cybersecurity standards and protect patient data.

Knowledge

Incremental improvement: aim for at least one security update per month.
Understand your obligations and where your data is stored and flows.
Build data sharing clauses into contracts.
Calculate your cash burn without collections and set budgets for cybersecurity.
Educate all staff, including front and back office, on cybersecurity risks.
Calculate your cash burn without collections and set budgets for cybersecurity.
Build continuity plans (data disruption, internet outage)
Understand how much your data is worth
User good firewalls at work and home; close ports
Be paranoid about unknown url's
Only download reputable apps
Know the signs of physhing emails
Confirm any requests for money transfer
Use strong passwords / password keepers
Keep IoT devices off of business networks
If you build online forms, protect them
Do not plug USB devices into work computers
Update every 30 days (or less)

Practice

Store restricted data on secure servers with personal username and password access.
Ensure restricted data is password-protected and do not use admin privileges for routine work.
Personal username and password to EMR apps
DO NOT use admin privileges for routine work
Anti-malware / threat protection
Patch monthly
Auto log-off from apps and computer
NO outside devices plugged in
Force logon to EMR network
Seperate network for restricted data
MFA/2FA for remote access + VPN where possible
UPDATE your firewall
Strict internet use policy
Data policy
ASSUME EVERY CONNECTION IS COMPROMISED
Extra cautious with access to cloud assets

Infrastructure

Enough UPS power to close out day
If cloud based, enough UPS to keep internet ON
Dual power supplies to backbone items
Create spreadsheet of all data locations
3:One primary backup and two copies of your data
2: Save your backups to two different types of media
1: Keep at least one backup file offsite & offline
0: Zero errors with back-up testing
Server settings; especially with cloud assets
Plan for costs of recovery
Buy cyberinsurance

Deep Dive: Updated Guidelines on Implant Placement and Medication-Related Osteonecrosis of the Jaw (MRONJ)

As an oral surgeon, I’m seeing more patients than ever on antiresorptive medications, primarily for osteoporosis or cancer-related bone conditions. In Canada alone, over 2 million people are affected by osteoporosis, with many receiving bone-sparing therapies such as bisphosphonates and denosumab (CMAJ). This prevalence underscores the importance of understanding

Deep Dive: The Impact of Smoking on Long-Term Success of Dental Implants

One question I’m frequently asked by patients is, “What are the chances my implant will fail?” It’s an understandable concern—implants are a significant investment in both time and resources, and patients want reassurance that their implant will last. While preparing a recent lecture on implant success and

Deep Dive: Monitoring Large Leukoplakia - Weighing the Utility of Adjunctive Techniques in Clinical Practice

I was recently dealing with an extensive leukoplakic lesion, where complete removal wasn’t feasible, and the monitoring approach shifts from immediate treatment to careful, ongoing assessment. I'm adding this deep dive to look at a variety of adjunctive techniques that have gained traction in recent years, from

Building Digital Resilience in Your Professional Practice: A Quick Guide to Managing Key Functions and Data Storage

Running a professional practice means juggling a lot of important functions: booking and billing, managing EMRs (Electronic Medical Records), handling imaging, keeping track of support documents, and staying in touch with clients. But what happens if any of these systems go down? Are you ready for a hiccup in your