Did you know that over 47% of free email accounts like Gmail, Yahoo and the like have been compromised?
It’s been our experience within health care that over 60% of physicians and even specialty practices still use free email accounts. Not only does it look unprofessional for a patient to receive an email from a Gmail address, but, as you’ll read below, these accounts are not secure or compliant.
Currently on the dark web, people are selling and buying hacked email accounts by the million. Why? Because a hacked account can be used to email its contacts and attempt to infiltrate those contacts’ networks.
Recently on the dark web there were 21 million hacked Gmail accounts, with 55% of the passwords already decrypted, selling for $450 each. With a ready market of thieves and buyers, why are care organizations still utilizing free email accounts when their security is lackluster?
We directly see email accounts from Yahoo, Gmail, MSN, and others being hacked all the time.
Why take the risk when it could potentially cost you 100 times more in fines for data breaches than it would to get a secure email address? Especially when your business and your integrity are at stake. Free email accounts are definitely not worth the potential risk of HIPAA violations and breaches that could cost you everything.
Would you even know if your Gmail account was compromised?
Not all EMAILS are created equal.
Items specific to cybersecurity are what typically fall through the cracks…
In 2017, 80% of offices planned to increase the budget for IT needs. The federal government allocates 16% of its budget to cyber security, and in 2016 it was reported that the health care industry on average spends only 6% or even less on cyber security!
The worse news is that if OCR (the Office of Civil Rights), which enforces HIPAA rules, finds it was a willful act, meaning you knew it was a violation but let it happen anyway, jail time can be added: 1 year for not knowing, and up to 10 years if you knowingly leave patient information unprotected.
As daunting as maintaining compliance seems, it can be easy to keep within HIPAA standards at your organization.