What can mental health providers and institutions do to protect themselves from a cyber attack?
Even a one person private practice or a smaller company can implement cyber safeguards.
- Become knowledgeable about technology. Mental health clinicians are notoriously tech adverse. However, unless you are living and working off the grid, ignorance is no longer acceptable.
- Educate yourself and your employees about the threat of cyber-attacks and ransomware. Education needs to be an ongoing process.
- Use two factor authentication and encrypted email for sensitive information. Hushmail is a secure email utility.
- Make sure your website is HTTPS (HTTP Secure), e.g. https://www.mycompany.com. In HTTPS, your website is encrypted by a layer of security and thus is less vulnerable.
- At the Forum, we were told that 95% of malware can be addressed by anti-virus software. So deploy anti-virus and update as needed.
- When Apple or one of the major tech companies you use (e.g. Microsoft) sends you an update patch, download it.
- Use complex passwords.
- Over and over the experts at Yale talked about the need for “good cyber hygiene.” Establish standards for cyber literacy, and other necessary protocols.
- Have a workplace social media policy.
As we said good-bye, one attendee said, “and now I go back in my car and drive away while using Waze to find my route and Spotify for entertainment, giving up my privacy and leaving myself wide open to hacking.”