You would never go on holidays and leave your pharmacy’s front door ajar. So why would you leave your cyber security unlocked?

There is a great deal that you can do to protect your pharmacy and patient information from cyber security risk. This article talks you through the fundamentals.

Always speak to your IT provider for detailed advice.

What is cybercrime, and how much of a concern is it?

Cybercrime is where hackers and cybercriminals try to steal from you to make money.

They do this in three main ways: stealing and re-selling your data, locking up your data so that you have to pay a ransom to get it back, or stealing your identity.

Whilst cybercrime might seem like a fairly new area of risk for your pharmacy, the reality is it’s a rapidly growing area of concern.

Cyber Security Risk

In recent years, cybercrime has become a reality for Australian businesses, with:

  • Cyber attacks increasing 700% between 2018 and 2019, with an estimated national cost of $7.8 billion (1). Yes, that figure is 700%.
  • 43% percent of cyber attacks directed against small businesses in 2016 – up from 18% five years earlier (2,3)
  • 36% of data breaches in the first half of 2019 occurring in the health sector. At 105 of the total 289 breaches, this was more than any other sector (4).

Are there any specific risks for pharmacy?

Unfortunately, yes. The health and medication data that you deal with every day increases the likelihood that you will become a target of cybercrime.

The same applies to all health service providers.

This is because health data can be extremely valuable to cyber criminals. All cybercriminals are looking for information – such as personal and address information, banking and credit card details, and business information – that they can re-sell on the dark web. But health data is potentially more valuable than financial and personal information alone

This is why its important that you stay informed about the risks and actively protect your pharmacy’s cyber security in the same way that you would protect other areas of your business.

36% of data breaches in the first half of 2019 occurred in the health sector; more than in any other

Why is cyber security important to pharmacy?

As a pharmacist or pharmacy owner, you already know how valuable your pharmacy’s data is. Your patient records and your business information are vital to every aspect of running your pharmacy:

  • Dispensing efficiently and accurately
  • Protecting your patient’s medication and private information
  • Connecting your patients to the eHealth network which provides for safer and more efficient dispensing
  • Reducing overdoses of prescription medicines by enabling real time prescription safety checks (such as SafeScript in Victoria)
  • Running your business, from your HR and accounting systems, to your data back ups, and everything in between.

Staying on top of your cyber security is one of the most important things that you can do to avoid the financial, reputational and operational implications arising from a data breach.

What measures are in place for cyber security?

Because your pharmacy data is valuable, government and industry are actively monitoring data breaches and providing leadership about how to deal with this rapidly changing space.

Two important measures that you should be aware of:

1. Pharmacies are covered by the National Data Breach Scheme

This requires that businesses report any data breaches, meaning pharmacies need to:

  1. Report any data breaches to the Office of the Australian Information Commissioner
  2. Advise all customers if a breach has occurred.

There are also financial penalties for pharmacies and other businesses that do not comply with these reporting requirements. You can find out more here: www.oaic.gov.au/privacy/notifiable-data-breaches

2. Quality Care Pharmacy Program reforms

The QCPP are introducing new standards of cyber security protection that will apply to pharmacies seeking reaccreditation from 1 July 2020 (5). This means that you need to start thinking about cyber security protection as part of your accreditation cycle.

Make sure that cyber security is on your business radar, refer to our checklist for assistance

Cyber security checklist

Fred can provide specific advice for your cyber security requirements and offer a real time managed cyber security service tailored for pharmacies of all sizes, dispensing and POS software with Fred Protect.

Contact me about cyber security
(1) Security in Depth released in August 2019. https://securityindepth.com.au/stateofcyber
(2) https://www.staysmartonline.gov.au/protect-your-business/why-cyber-safety-matters-your-business,
Symantec 2016 Internet Security Threat Report: https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf
(3) https://img1.wsimg.com/blobby/go/35c0baf2-aefc-46ca-9c76-5431e30e646a/downloads/2019%20State%20of%20Cyber%20Security%20Report.pdf?ver=1564580186376
(4) ** Refer to the Notifiable Data Breaches Statistics Reports for the periods 1 January to 31 March 2019 and 1 April to 30 June 2019 which can be found here: https://www.oaic.gov.au/privacy/notifiable-data-breaches/notifiable-data-breaches-statistics/
(5) https://www.qcpp.com/news/qcpp-reform-2020