How Secure is your Practice?

Protect Your Data

Cyber Security is essential for any medical professional in any size organization. Hospitals are making it a priority, but some medical groups think they’re too small to be a target.

Unfortunately, that thinking increases your risk of a breach.

Medical data is the hottest commodity on the dark web. In 2021, the estimated cost of a single breached record rose to $499. Bad actors want to steal data – the easier it is to get, the better. In the time it takes to hack through a hospital’s security protocols, they can hit 10 practices that didn’t think they needed cyber security.

Calculate The Cost of a Breach

Add the number of patient records in your system to this calculator to see the cost of a breach in at your practice.

“Soft Costs” of a Breach

  • Patients leave the practice
  • Business operations are disrupted.
  • Vendors may re-evaluate financial terms and agreements
  • Relationships with hospitals or other partners face scrutiny
  • Brand reputation is damaged
  • Valued employees jump ship

Based on records from US Dept of HHS, 2020 saw a 55% jump in incidents from 2019, for a total of 599 breaches that impacted 26.4 million people.

~

Assess

Establishing a baseline is the first step. A review of current cyber is conducted, including malware applications, third-party vendors,  plans, policies and procedures, device use and remote access protocols, and training tools and frequency. Is a breach response plan in place?

u

Test

Simulations are the fastest way to identify vulnerabilities. Phishing, spoofing, and accessing personal accounts on business systems are key points of entry.  BYOD sounded like a great way to cut costs, but for remote users, a private cellphone is an unknown commodity.

l

Report

The deliverable is a comprehensive analysis of the company’s data security. Quantitative facts and qualitative insights. Resources are offered. Weaknesses are identified and recommendations offered. Our team is available if you need assistance to implement them.

Train

Training needs to be an ongoing commitment. A three-tiered training program, designed for partners, managers, and staff, is best.  Cyber security should be part of the onboarding process. A quarterly training schedule is recommended for managers and staff.

Risk Assessment & Mitigation

  • Identify Hazards or Risk Factors
  • Identify who can be injured or hurt
  • Evaluate the Risk
  • Evaluate the Probability
  • Record and ID Parties involved
  • Review the Plan/Model

Compliance Lapse. Today’s healthcare regulatory environment is more complex than ever, putting facilities at higher risk of non-compliance.

Healthcare Illness. It’s not difficult to imagine that one of the greatest risks of healthcare facilities is spreadable illness and germs.

Privacy Management and Information Security. With companies still settling into GDPR-forced changes in operation, the ripples are still making their way across the United States as privacy becomes a very important factor.

badge for security

Building Security

A medical practice is open to the public which requires a unique set of security practices to address emergencies. Our team will assess security in the building and provide recommendations to improve safety.

We help healthcare professionals set up security protocols that protect their employees and patients in the event of a disaster – natural or man-made.

Doctor’s offices are also targets for addicts and dealers looking for drugs. That increases the risk of gun violence. We offer training on protecting yourself from an active shooting situation.

Training on any number of security topics is available.

Documentation

Policies and procedures are a few of the documents we offer. The documents we provide include but aren’t limited to:

  • Business Continuity plans
  • Paper Protocols
  • Emergency Preparedness plans
  • Cyber Breach Response plans
  • Disaster Recovery plans
  • Grants and proposals

Each document is written to the specs of your business, including local, state, regional, and national resources.

Training Classes & Workshops

The list below is a catalogue of our existing classes. We can also develop custom materials upon request.

  • Securing Physical Property
  • Preventing Cyber Attacks
  • Team building Workshops
  • Situational Awareness
  • Leadership Workshops
  • Emergency Response Plan
  • Active Shooter Response
  • Disaster Recovery
  • Ransomware Response

Foxhole Consulting LLC is a veteran-owned and operated firm in North Carolina. Our services include leadership development, rising threat assessment, cyber security, on-ground security, training, and business readiness documentation. We welcome the chance to partner on bids and contracts.

Phone: 910-985-7837
Email: info@foxholeconsulting.co

Affiliations

Proud Supporter of The Veteran Owned Business Project!

Solutions By Industry