What’s perhaps even more worrying however, is the fact that many small business owners don’t quite realize the true realities of the threats that they’re up against and so don’t have adequate data disaster recovery solutions in place to defend themselves.
Despite the fact that cyber threats such as ransomware are a top-of-mind concern for 79% of SMB executives, according to AppRiver’s Q4 Cyber threat Index for Business Survey, most fail to realize the true cost of a data breach.
For AppRiver’s Q3 report, nearly 70% of those surveyed thought they would lose less than $25,000 in the event of a successful cyber attack, while more than half said they would lose less than $10,000 in damages.
The true figure, however, is much higher – averaging $149,000 according to Kaspersky, $188,000 according to Symantec and $200,000 according to Hiscox.
There’s also a marked disparity between the percentage of SMB owners who believe their business will survive a cyber attack and the percentage that in fact go out of business as a result of one.
While AppRiver’s survey reveals that just 22% of SMB executives believe there is a high likelihood that their business would not survive a successful data breach, the reality is that nearly two-thirds (60%) are forced to throw down the shutters for good within six months, according to the National Cyber Security Alliance.
While these numbers should sound alarm bells ringing for all SMB owners, dental practitioners should take particular note.
The reason, of course, comes down to the Health Insurance Portability and Accountability Act – or HIPAA. Under HIPAA, it is the responsibility of all dentists to protect the PHI of their patients and ensure the security of electronic records. Failure to do so can lead to big fines – the HHS’ Office for Civil Rights collected $12.2 million in fines and settlements for HIPAA violations last year alone.
Keeping private information safe isn’t just a matter of law, however. It’s what your patients expect. As such, when their personal information is compromised, they rightly feel violated and often seek financial restitution through the courts – piling on the costs of the breach.
This can lead to a media storm of bad press, resulting in current patients leaving your practice and potential new ones going elsewhere.
And this may all come on top of having to pay the ransomware demand the cyber criminal used to attack your dental practice in the first place.
And make no mistake about it – ransomware attacks are on the rise.
In August last year, for instance, ZDNet reported that hundreds of dental practices across the US had their computers infected with ransomware – leaving many with no option but to pay the demand to recover encrypted files.
In all, with so much reputational and financial fallout to deal with in the aftermath of a breach, it’s hardly a wonder that so many small businesses fail to recover from one.
Data Disaster Management and Recovery
In order to protect your dental practice from the growing threats of cyber attacks, it’s imperative to have a robust data disaster recovery solution in place. And not just any data disaster recovery solution, of course – a HIPAA-compliant data disaster recovery solution.
The best way to do this is by using the “3-2-1” backup method.
How does this work? Simple.
The 3-2-1 data disaster management strategy means having at least three (3) total copies of your data, two (2) of which are located on different devices or storage media, with one (1) of them located offsite with a HIPAA-compliant cloud data storage provider.
Why two copies onsite and one offsite?
Well, it is of course important to have onsite backup – such as a hard drive that you keep up to date – as this is a simple way of ensuring you have quick access to your data in the event of a small matter, such as your computer crashing. While your computer is repaired, you can quickly plug in the hard drive and get your data back without too much disruption.
The purpose of offsite backup, meanwhile, is to ensure that your data is protected in the event of a localized onsite disaster – such as a flood, fire, or theft – or a cyber attack against your office.
By keeping a copy of your data in a secure, remote location, such as with a HIPAA-compliant cloud storage provider, you can ensure full recovery of your data no matter what happens – be it a natural disaster, the accidental deletion of files, or targeted ransomware or other cyber attack.
Full Data Disaster Recovery with Central Data Storage
Don’t be one of the 60% of small businesses that never recover from a data disaster. Instead, be one of the 40% who are well-prepared with a robust and reliable data disaster recovery solution that will get their business back up and running in a matter of hours.
These businesses never pay a ransom and, when working with a HIPAA-compliant cloud storage provider, never have to worry about breaching regulations.
What’s more, our solution automates your backups, meaning you never have to think – let alone worry – about your data backups being performed in full compliance with HIPAA requirements.
With unlimited storage capacity and beyond military-grade encryption both in transit and at rest in our secure data center, your data is always safe, fully protected and will always be fully retrievable.