As a pharmacy owner, do you know how secure your customer database is?
If the answer to that question is “sort of” or “no,” then you have some work to do. Even if you answered “yes,” it’s a good idea to brush up on the systems you have in place to protect your customers’ valuable information. These systems need constant updating as criminals continue to find new ways to hack into databases and steal valuable personal information.
Independent Pharmacies are at a higher risk for database breaches than most businesses because of the amount of customer information they store and vulnerability in their security programs. When filling prescriptions, not only is the customer’s name, address, and credit card number collected, but also insurance information, date of birth, and medication history. This data is valuable information that criminals will use to steal identities and cause harm such as hacking customer bank accounts.
Since you probably don’t think like a criminal, you may not have thought about the gold mine of data in your store. You should make cyber security as big a priority as store security and loss protection. Here are some guidelines to think about when protecting customer data.
1. Internet Security
Online security includes anti-virus and anti-spyware programs, as well as intrusion prevention. Your internet security should also include limiting your employees’ access to the internet. You can’t get infected from a bad website if you can’t visit it. It’s also necessary to keep your anti-virus software up-to-date and activate real-time protection.
2. Offsite Backup
Having an offsite backup of your customer files is vital. Having backups in the pharmacy store isn’t very useful after a natural disaster such as a tornado, flood or fire. Ideally you should utilize a HIPAA compliant online backup service
3. Network Security
Make sure you have a PCI and HIPAA compliant level of security on your network and ensure it stays that way. The first line of defense for network security in is a managed firewall. It should be encrypted from people and other programs that access your data. It’s also a good idea to limit your employees’ access to only the information they need to do their work. Password protect sensitive areas of your database so only necessary staff members can use it.
If you don’t have the time or the expertise to manage these security efforts, there are plenty of services that can help. Reach out to your pharmacy’s software or POS vendor and ask if they have security services to provide or if they can recommend a company to keep your data safe and secure. It’s also a good idea to make sure you have data compromise coverage included in your liability insurance policy. The penalties for poor data protection and privacy practices can be stiff, ranging from negative publicity and embarrassment to costly fines and lawsuits. Protecting your business and your customers should always remain a priority.
To help put these plans into action, download our free ebook The Pharmacy Owner’s Guide to Exceptionally Effective Implementation.