Dental practices must beef up their teams’ awareness of spear-phishing attacks, currently accounting for 91% of data breaches. Your team members must understand the threat landscape and know that hackers are trying to infiltrate the practice. Dental practices face many threats. Attacks and phishing attempts continually evolve and become more sophisticated.
As a dental practice leader, you can mitigate these attempts through a security and privacy awareness training program. eLearning is a good option here. Unlike in-classroom meetups, internet-based classes are delivered on-demand and as needed. Using online platforms also expand your training and reinforcement options such as threat simulations. Third-party phishing simulations, for example, provide various scenarios that mimic real-world attacks and attempts. Doing so matters because research shows that businesses that set up simulated phishing attempts once a month have 27% fewer employees falling victim to such attacks.
In any care setting, those numbers are too high. Because dental practices have valuable patient information in their systems, dental practices are rife for an attack. That said, let me provide some best practices you need to know to get the most out of your security awareness and HIPAA training.
What to Consider When Preparing
You may have options depending on your simulation solution. In addition to email phishing, consider sending SmiShes (phishing to employees via text messaging). Or try voicemail phishing, known as Vishing.
Then, there is USB Baiting, done by seeding bogus, infected USB drives around the workspace or parking lot that can communicate back if plugged into a computer. Employing optional simulations reduces a practice’s susceptibility to phishing attacks. In addition, it allows you to change training techniques to give employees a more comprehensive range of threats they should look out for.