In the second instalment of our weekly feature find out about the risks of holding patient data – and the cost to your business of a cyber attack. If you missed the first episode, click here.
A data breach in community pharmacists may not receive worldwide attention but the risks are just as acute given the sensitive nature of patient records they hold.
Nick Mothershaw, UK and Ireland director of identity and fraud at Experian says: “We’re fighting a sophisticated, interconnected, resourceful and growing army of digital fraudsters.
They’re fast, inventive, enjoy online anonymity, constantly have the advantage of surprise – and they’re happy to exploit any route to fraud.
“It can be anything from phishing emails, which could result in a fraudster taking over an online account, a fraudster accessing personal details and then using them offline to commit fraud, to session hijacking attacks where a user’s browsing is interrupted by a hacker, monitored or even hijacked.
“The proliferation of malware and routes to hack are relentless and show no signs of slowing.”
Mothershaw explains that innovations include smart phones being sold with malware already embedded and infected e-cigarettes that can steal a PC’s data if they are recharged via their innocent looking USB plugs.
The repercussions of falling foul of fraudsters can cut deep. It can lead to huge damage to reputation and brand (especially in the case of a data breach), potential loss of custom and patients and, of course, loss of revenue.
According to payment company Worldpay, the clean up costs to small businesses being targeted online can run up to tens of thousands of pounds.
Crucially, three per cent of respondents in the BRC survey said additional anti-fraud measures restrict non-fraudulent customers.
“No one wants to turn away legitimate or sizeable transactions that are evidently from loyal customers – but with revenue, reputation and brand at stake, the potential risk simply cannot be ignored,” says Mothershaw.
Come back tomorrow as we detail the basics of keeping patient data safe.