If you think your independent pharmacy is immune to cyber crime, you may need to think again. Unfortunately, an increasing number of cybercriminals are now targeting small businesses, due to the fact that security is typically weaker. A recent survey by Fortinet found that nearly two-thirds of consumers held merchants responsible for data breaches and 60% of small businesses that suffer a data breach are out of business within six months.Therefore, keeping your customer’s credit card information safe is crucial to your pharmacy’s future. In order to keep your customers guarded and your pharmacy secure, it is essential to understand these three significant concepts:
You Are At Risk For an Attack
If you think it can’t happen to you, you’re already giving the cyberattackers a leg up. Any small business that accepts credit cards is a potential target for a cyber security breach. As an independent pharmacy owner, never make the mistake of believing you are too small or located in a safe enough area that won’t be on the radar. Hackers are targeting small-scale businesses more often, because locally-owned, small networks are easier to hack, and they are not as regularly checked for compliance with credit card security standards. If your computer system is under protected, a hacker can inject malware onto your payment terminal from anywhere in the world to access customer information. Understanding that you are at risk is the first step toward protecting yourself.
You Are Held to the Government’s Standards of Security
If you accept credit cards, you are held to the same standards as larger chain stores, like Target and CVS. The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store, or transmit credit card information maintain a secure environment. When you initially set up your payment system to accept credit cards, you agreed to abide by the PCI DSS. Whether you swipe one or one million cards each year, you are legally required to keep your computer system as secure as possible.
This year, even more credit card security measures are being enforced. EMV (which stands for Europay, MasterCard and Visa) is the new global standard for cards equipped with computer chips and the technology used to authenticate chip-card transactions. It means greater protection against fraud for the consumer, and it is legally required for your pharmacy to have the proper technology to read these cards – so be sure to check the 2015 deadlines to have this implemented.
You Will Be Held Liable for a Preventable Breach
Any business that suffers a cyber security breach and is found to be non-compliant with credit card security standards is fully liable for charges related to the violation and can be required to financially compensate those who were defrauded. If a security breach occurs, PCI DSS inspectors will investigate. This process alone can be crippling for an independent pharmacy since it requires them to shut down operations for several days, or longer, and costs a few thousand dollars in inspection fees. If the investigation finds your security was not up to code, you’ll be paying for even more charges:
- Data Security Fine – Up to $500,000 fine per security breach incident.
- Non-Compliance Fines – Up to $50,000 per day for non-compliance with published standards.
- Card Replacement Fees – $3 to $10 per card multiplied by the total number of cards compromised.
- Refund Fees – Potentially held liable for all fraud losses incurred from compromised account numbers.
Failing to update your security programs could cost a lot of money in the long run, so do the hard work now to make sure that your pharmacy is PCI DSS compliant. That way, if your pharmacy is successfully hacked, you will not be held liable for any fines beyond the possible audit fees.
Keeping your technology up-to-date is just one of the ways to successfully compete in the pharmacy industry. For more advice on how ensure that your pharmacy is staying productive and profitable, download our free eBook 3 Innovative Ways to Compete in the Pharmacy Market.