Risky Business

Don’t put your business at risk by ignoring electronic records privacy laws.

The consequences of violating privacy laws are staggering.  Violate PCI, which is a standard required for anyone who receives payments by credit cards and you may very well lose the ability to accept credit card payments. That’s a death blow for many businesses.  Violate HIPAA, the law that protects the confidentiality of patient records, and you can face fines as high as 1.5 million dollars and jail time. That’s pretty scary and what’s even more scary is that many people violate these laws and regulations without even knowing it.  In fact, as many as 81% of these violations go undetected.  

You could face fines up to 1.5 million dollars and even jail time.

Paul Blough

Privacy laws and regulations cover protected information in all forms, including electronic data.  This is where most people get in to trouble.  Electronic records are much more slippery than physical ones.  In fact, you can store thousands of them on a portable thumb drive and lose them all because you had a hole in your pocket. They can be on your phone or on your laptop and those can be stolen, putting all of those records in the hands of a thief.  You could even have a hacker break into your computer and steal the records that way. It’s a grim picture.

You can significantly reduce your risk of a data breech by following some very simple advice.

  1. Know the laws and regulations you are governed by. HIPAA, PCI, GLBA, CAN-SPAM and a whole bunch of other initials may apply to you. You have to know which ones and what they require and what the consequence of non compliance is.
  2. Educate your team on security awareness. The most important part of electronic security is the human firewall.  Breeches happen because people make mistakes. People make mistakes when they are not trained. Teach your team that security matters and remind them often.
  3. Take advantage of automated security tools to help keep your data safe.  At a minimum you need a strong firewall, professional antivirus software and patch management for all your software.  

Stop ignoring electronic security and putting yourself and your business at risk.  Chose to make security a part of your culture.