Cyber Security: Nine things you need to understand about new smart chips, credit card security, and how to avoid scams
October is National Cyber Security Awareness Month. Here we address some of what you should know about the new smart-chip systems that credit cards are converting to this month. They are, in part, designed to help you avoid cyber scams and data breaches.
Here are 9 commonly asked questions about cyber scams, credit card usage, and liability.
Tip: Don’t trust a site just because it claims to be secure. And, before using the site, check out the security/encryption software it uses.
- What’s a Smart Chip?
EMV smart-chip credit cards are replacing the traditional magnetic-strip ones this month. Following a year of massive, well-publicized data breaches, the changes can’t come soon enough.
- What’s the Difference?
When a traditional credit card is swiped, it shares payment data and access to the user’s account. The problem is in the sharing of that data. With EMV cards, however, a new transaction code is created for each purchase, making it much tougher to hack information.
- Who is Liable?
In the past, it was the payment processor (usually a bank) that took responsibility for losses involving data breaches. As of Oct. 26, liability will rest with whichever party is deemed to be less compliant with the new regulations. That means the responsibility could be on you!
- How Do I Comply?
There are lots of resources out there to help. The most complete is the website www.smartcardalliance.org. It explains what you need to do to comply and how to integrate the system into your business. There is also good information at www.aoa.org.
- Do I Need Insurance?
Your current insurance may, or may not, cover breaches to an EMV system. If you don’t have cyberliability coverage, get it now. Especially with new HIPAA and EHR issues, you need to discuss the potential for data breaches with an insurance professional who understands optometry.
- What Needs to Be Covered?
Look for a policy that also protects you from other types of data breaches, including the costs that result from hacking. In an EHR world, that type of protection is imperative.
- What’s the Cost?
If you experience a data leak, HIPAA will require you to notify each and every patient. And, if you don’t carry cyberliability insurance, that process, according to the AOA, can cost more than $25 per patient notification.
- What’s a Scam and What Isn’t?
There’s a great resource on cyber fraud that someone in your practice should be responsible for checking—and communicating about—on a regular basis. It’s fbi.gov/scams-safety/fraud/internet_fraud.
- What Can I Do?
Here are just a few tips from the FBI site. “Don’t give out your credit card number online unless the site is secure and reputable. Sometimes a tiny icon of a padlock appears to symbolize a higher level of security to transmit data. This icon is not a guarantee of a secure site, but provides some assurance. Before using the site, check out the security/encryption software it uses.”
Reference: http://www.aoa.org/news/aoa-focus/june-2015/protect-your-practice?sso=y