Data security for chiropractic clinics

The healthcare industry as a whole is under severe threat when it comes to data security. As medical records are more valuable to cyber criminals than card data is, as it fetches them more on the black market. Consequently, we have seen a huge number of data breaches in this industry over the past few years. In fact, in 2015, there were more than 112 million records exposed in the healthcare sector. However, a lot of chiropractic clinics in the UK are still underestimating this threat and in the process they are putting their business at risk.

If you are like most businesses, you will no doubt have adopted technology in some form over the past few years. As technology has been integrated into the healthcare sector, the risks have increased, as cyber criminals have a route in. If you do not protect your customer and employee data effectively, it is only a matter of time before it is exposed.

This is not something that only impacts large businesses, contrary to popular belief. A PWC study revealed that 74 per cent of small businesses were breached in 2015. The reason why cyber criminals often target SMEs is because they recognise that they do not have the money to invest in expensive cyber security systems and security personnel. Thus, they see it as a quick and easy way to make money. In fact, this is something that rings true for the healthcare industry as a whole, as a lot of chiropractic clinics are using outdated software, which is another thing that makes it easy for hackers to expose data.

Another factor that needs to be taken into consideration is PCI compliance. If you take payment via credit or debit card, no matter how frequently or infrequently or what cards you accept, you need to comply with PCI DSS. This stands for Payment Card Industry Data Security Standard. This is a set of regulations that all businesses need to follow if they store, process, or transmit card data.

The requirements range from installing and maintaining a firewall configuration to using two-factor authentication. If you do not follow the regulations that are in place, you can find yourself facing huge fines. These fines are passed on from your bank, and they may terminate your contract, or at the very least your interest rates will go up considerably.

You will then have the cost associated with identifying the security vulnerability and fixing it. You will also have fraud losses and you will need to pay compensation to your customers. That is without mentioning the damage it will do your reputation, which can be extremely hard to rebuild, and costly.

To ensure you don’t have to worry about this, get in touch with Retail Secure to discover more about our cyber security solution, which is a PCI Level 1 Certified solution. This is an affordable solution that reduces the chance of a data breach considerably and is easy to install and manage.

Are SMEs underestimating the data breach threat?

New statistics have revealed that SMEs are increasingly at risk of a data breach, yet there is a lack of understanding amongst these companies regarding the true cost of a cyber attack. This makes worrying reading, as it indicates that a lot of SMEs are at risk of fraud loss, non-compliance fines, and severe reputational damage because they are not taking the threat as seriously as they should be.

Recent figures announced by the government showed that the average cost of a data breach to a small business is £310,000. Is this something your business could afford to lose? Yet, just as worrying is the fact that the vast majority of business owners are underestimating this threat. In fact, Experian found that SMEs are undervaluing the cost of a data breach by a massive 40 per cent. This research was conducted as part of their third annual study on data breach preparedness, entitled ‘SMEs under threat’.

This means that most companies predict the cost of a data breach to be around £179,990. Thus, if the worst were to happen, they would find themselves needing to find an extra £130,000 than anticipated. Unfortunately, the picture becomes even bleaker when you consider the additional indirect expenses that are associated with the loss of trust and reputational damage that occurs after a breach.

It seems that the ‘it will never happen to us’ attitude is still going strong. SMEs should take note of the findings in this survey. Only 23 per cent of those interviewed stated that they think a data breach would have a negative impact on their customers, causing them to look elsewhere. However, the reality is that 64 per cent of consumers say a data breach would discourage them from using the services of an SME.

Not only are SMEs failing to acknowledge the threat, but also they are not preparing effectively either. 65 per cent of companies interviewed stated that they have a data breach response plan. Of those that did not have a plan, 51 per cent said they do not view it as a priority, and 39 per cent don’t think they are at risk. Moreover, only 29 per cent of these organisations update their plan on a quarterly basis. For a plan to be effective, it must be updated, audited, and tested regularly.

The way you response to a data breach is imperative. It could be the difference between your business surviving the breach and not. Can you hold onto the vast majority of your consumers? Or, will you make the situation even worse? A lot of businesses fall into the latter category. In regards to SME data breach response, the following statistics were found – 75 per cent had no forensics, 60 per cent had no customer remediation, 49 per cent had no communication plans, 48 per cent had no insurance plans, 45 per cent had no legal plans, and 42 per cent had no customer notification. The lack of preparedness is extremely worrying.

Don’t be one of these statistics. Take the steps to secure your business to minimise the chance of a data breach occurring.

Retail Secure becomes a Friendly WiFi approved provider

We are delighted to announce that we have become a Friendly WiFi approved provider. Friendly WiFi is the world’s first accreditation scheme for Public WiFi. Discover more about the scheme and our partnership with Friendly WiFi below.

Friendly-WiFi-logo-Large

What is Friendly WiFi?

Friendly WiFi is a scheme that was introduced in response to government demand. It gives companies across the country the ability to display the colourful ‘Friendly WiFi’ symbol, which shows all consumers that their WiFi network is safe to use.

By displaying the Friendly WiFi symbol, you confirm that you have met the safe standard, which means you make an effort to block out all indecent images of children, including pornography. This incorporates the use of the block list from the Internet Watch Foundation (IWF). This assures all users that the WiFi is family friendly and that the company is responsible and makes an effort to protect children. It gives children, young people, and parents the ability to make informed choices when selecting a WiFi hotspot.

This scheme was introduced in 2014, and it has grown considerably since. The UK Council for Child Internet Safety (UKCCIS) collaborated with RDI (UK) Holdings for the creation and launch of the Friendly WiFi, which is now available to any company, irrespective of their size or the industry they operate in. There are now more than 2,000 venues that are part of the scheme, including Queen Elizabeth Olympic Park, Ikea, and Starbucks.

Of course, these businesses will need to meet certain criteria to have the privilege of displaying the Friendly WiFi logo. They need to fill out an application form, after which Friendly WiFi will check to ensure the venue meets the requirements that are in place. If so, the venue will sign a trademark license agreement.

Friendly WiFi and Retail Secure

Now you know a little bit more about Friendly WiFi, and no doubt you will understand why we are delighted to be part of such an important scheme. As an approved provider, we supply products and services that adhere to all of the specifications of the scheme, and this means that all of our clients have the ability to join Friendly WiFi as well and display the logo at their venue.

This will ensure that all child abuse websites that are known to the IWF are prohibited and that access to pornographic material is filtered, and it will also instil trust with your customers. You simply need to pay a small annual licence fee for this privilege. Not only will you have the ability to use the Friendly WiFi logo, but you will also be added to the Friendly WiFi UK search locater at www.friendlywifi.com. Thus, when parents search for responsible WiFi venues, your business’s name will appear.

Why you should provide guest WiFi at your chiropractic clinic

Guest WiFi is something that more and more customers demand nowadays. However, there are a lot of us that assume this is a service that is only suited to the likes of hotels, cafes, and bars. It’s understandable why you’d think this way, after all, a lot of people stay at hotels on business trips and it’s not uncommon for people to take their laptop along with them when they go for a coffee at their local café. Nevertheless, the benefits of customer WiFi extend a lot further than you may realise. This is something that could do wonders for your chiropractic clinic. Read on to discover more.

1024px-Chiropractic_spinal_adjustment

  • Improve customer satisfaction – One of the key benefits associated with free WiFi provision is the fact that you will increase customer satisfaction considerably. You know what it is like when appointments run behind schedule and customers get frustrated. There is nothing you can do about it, but this doesn’t stop your clients from feeling disgruntled. With guest WiFi, you boost satisfaction because you give your customers something to do while they wait. This shows that you value their time.
  • Send targeted marketing messages – The best customer WiFi solutions give you an amazing insight into your clients. You will receive real-time data about all of your connected customers. You can then use this to send instant push notifications and marketing messages. You could, for example, give them a discount off their next visit or you could reward them for referring a friend. This is a great way to ensure repeat business and to encourage customer loyalty.
  • Attract more clients – The sheer fact that you provide guest WiFi is something that can make new customers choose your business over other chiropractic clinics in the area. There is plenty of research to back up the fact that WiFi has an influence on the mind of the consumer.
  • Add value to the service you provide – You cannot only use the customer analytics to improve target marketing, but you can also use them to add value to the service you provide. For example, you could send useful information suited to each patient, including tips on managing their condition at home and other general pieces of information that will be useful to them.
  • Brand your chiropractic clinic more effectively – Last but not least, guest WiFi also represents an excellent way for you to brand your business to full effect. There are many different features you can make the most of, including a customised landing page. The landing page is the page your clients will see when they go to log in to your network. It’s like a digital shop window, so you want to make sure you make a good impression. There are various ways you can do this. You should always include your logo, as well as any other compelling marketing messages.

Common mistakes companies make after a data breach

Of course, the main aim is always to ensure that a data breach does not occur. Nevertheless, you do also need to prepare for the fact that it might happen, irrespective of how good your security systems are. After all, acting quickly is one of the most pivotal factors when it comes to damage limitation of a data breach. With that being said, continue reading to discover some of the most common mistakes companies make after a data breach.

hqdefault

Lack of clear communication – There is only one place to begin, and this is with communication. After a breach has occurred, it is important to have clear communication, and this relates to having a leader who can make key decisions and delegate tasks. In fact, miscommunication is one of the main reasons for the mishandling of a data breach, as it adds to confusion and delays the process even further.

Not providing assistance for consumers – Another error is failing to provide assistance for consumers. A lot of business owners are so concerned with internal matters that they neglect to assist their consumers. What you need to consider is that they could be hugely impacted by your data breach. Trust will already be damaged, and you are going to make the situation much worse if you do not set up a call centre where customers can get in touch and ask questions. You should also offer credit monitoring if their information has been compromised.

Trying to handle everything in-house – Sometimes it is better to accept that you are out of your depth. After all, if you could not stop the breach from occurring in the first place, it is a sign that it would be better to use the services of a professional incident response team. They will be able to put a plan into action as quickly as possible to ensure the issue is minimised and steps are put into place for business continuity.

Failing to act with full transparency – This is something that TalkTalk was accused of, as a data breach that occurred in 2014 was only revealed in 2015, and more details seemed to be unearthed as the days went by. The best thing to do is answer every question thrown to you honestly, and apologise for what has happened. If you try to cover anything up, you will only get found out later down the line, and this will undoubtedly make things worse.

Waiting for the perfect information before doing anything – Quite frankly, you don’t have any time to wait. Of course, you are going to have people that are trying to get to the bottom of it by discovering who accessed your system and how. Nevertheless, you need to start managing the incident from the moment you learn of the intrusion.

Five Reasons Every Business Needs To Take Cyber Security Seriously

A lot of business owners have the ‘it won’t happen to me’ attitude when it comes to cyber security. This is an extremely risky approach to take in the current day and age. In fact, you may as well be waiting for your company to be breached. With that being said, in this post, we will reveal the five key reasons why you need to take network security seriously.

  1. You are a target – There is only one place to begin, and this is with the fact that your business is a target. This is the first thing you need to realise. A lot of business owners tend to assume that hackers are only interested in large corporations with an abundance of personal and confidential data. However, all businesses have information that cyber criminals want, from customer payment information to employee records. They view small businesses as a quick and easy payday, as they know that the majority of them do not have enough security in place.
  2. You are breaching PCI compliance – PCI DSS is a set of requirements that is in place for any business that takes payments by card. Even if you outsource payment processing, you need to take PCI into account. There are 12 requirements that need to be followed, and failure to do so could see you face huge non-compliance fines from your bank. It is likely that your bank will terminate your contract. If they don’t, your interest rates will certainly go up significantly.
  3. You will take a huge financial hit – A lot of people underestimate the financial damage a data breach creates. Not only will you suffer non-compliance fines, but there are fraud losses and remediation expenses to compete with too. Such expenses can be difficult to come back from, which is why a lot of businesses end up shutting down after they have suffered a breach. According to an HM Government reported conducted by PWC, data breaches to small businesses can cost between £75,000 and £311,000. Is this something you could really afford?
  4. You will receive bad press – Do you really want your business to be all over the news for the wrong reasons? This will be extremely damaging for your reputation, and the data breach could be the main thing that is associated with your company for years and years to come.
  5. You will lose customers – Making this money back is going to be extremely difficult when you have lost a large chunk of your customers. They aren’t going to use your services when they cannot trust you to protect their private information. The damage your reputation will suffer is often the most difficult thing to come back from, and you will spend a lot of money trying to rebuild the trust.

Public Wi-Fi: Legal Implications Your Business Needs To Be Aware Of

In today’s digital age, access to Wi-Fi is something customers expect, whether they are staying at a hotel, enjoying a bit of retail therapy, or getting their hair cut. The demand to be connected while on the move is never going to disappear. Consequently, more and more businesses are investing in guest Wi-Fi, and reaping the many rewards that come with this. Nevertheless, some business owners are overlooking one pivotal area, and this is legal compliance. With that being said, read on to discover more about the legal implications of offering public Wi-Fi that your business needs to be aware of.

1) Retaining Data

Firstly, we have data retention, which is the law under the 2009 Data Retention Regulations. This legislation was put in place to assist in detecting and preventing organised crime and terrorism. But, what does it mean for your business? Basically, you have to keep communications data for a minimum of 12 months. This relates to any type of data that has been processed or generated in the United Kingdom. You also need to store it in a manner that means it can be traced with ease, for example, you will need to keep records of date, time, duration, and such like.

2) Protecting Data

Not only do you need to retain data, but you need to take the necessary steps to protect it as well. This legislation is part of the Data Protection Act 1998. If you breach this, you can find yourself facing huge fines of up to £500,000. Under the Data Protection Act, it is your responsibility to ensure you protect personal data, including during transmission and while in storage. This involves following various organisational and technical measures, and you may also have to register with the Information Commissioners Office. Please note that if someone requests you to provide them with the personal data you have about them, you are legally bound to do so. You can do this in electronic format.

3) Dealing With Copyright

Last but not least, we have copyright infringement, which is something that is referred to in the Digital Economy Act 2010. Unfortunately, when people access your public Wi-Fi network, you are essentially responsible for what they do while on there. This is why you need to put measures in place to ensure you are doing everything to control this and minimise copyright infringement. If you don’t, you are essentially viewed as an accomplice to the crime they are committing. So, what do you need to do? Well, firstly, if you notice any form of copyright infringement, you must report it. You also need to follow the earlier step regarding data retention, as this ensures anyone that has accessed illegal material can be traced. Aside from this, you should implement clear terms and conditions, and making an effort to block various websites and material is advised.

Needless to say, this can seem a bit confusing and overwhelming if this is not an area your business specialises in. That is why it pays to choose a public Wi-Fi provider that is going to take care of compliance matters for you, giving you the peace of mind that everything is handled above board.

Why guest Wi-Fi is recommended for barber shops and hair salons

Free Wi-Fi is something we are increasingly noticing in cafes, restaurants, bars, and hotels. But, the truth is it has a place across a wide assortment of businesses, from museums, to retail stores, to barber shops and hair salons. In this post, we are going to address the latter. Read on to discover the reasons why guest Wi-Fi comes highly recommended for barber shops and hair salons.

There is plenty of research to suggest that guest Wi-Fi will become commonplace in businesses over the next few years, and the last thing you want to do is get left behind the competition. If you act now, you can gain a competitive advantage and attract new customers to your barber shop or hair salon.

You may think offering free Wi-Fi is not enough to attract new consumers to your business, but you would be mistaken. When you consider the fact that people would rather leave the home without their wallet than their phone, you see how important this has become. Plus, research indicates that a large portion of people consider whether a business has guest W-Fi before they make their decision regarding whether to use their services.

But, why is guest Wi-Fi valuable for hair salons and barber shops in particular? There are various reasons. Firstly, just think about how useful this will be for your customers while they are in-store. They can browse their Facebook or play a game while they are waiting for their hair appointment. This is ideal for those moments when you are running a bit behind schedule. They could even look for hair styles so they get some inspiration for their appointment.

A lot of people also bring their children with them to appointments, and this is a good way to keep them busy. All this works toward building a loyal consumer base, and this is especially beneficial in this industry where repeat business is paramount.

The benefits do not end there either. Guest Wi-Fi presents you with many marketing opportunities. You will be able to get real-time data about all of your clients. This gives you the platform to understand your customers better. You will thus be able to target your marketing campaigns more effectively. You can send special offers and voucher codes to increase the chances of your customers buying any of your haircare products or booking a repeat appointment.

You can also customise the landing page to brand your business more effectively. You can include your business’s logo and any marketing messages to entice customers. Offering social log in is another way to enhance convenience for your clients and you can encourage them to check-in at your barber shop or hair salon so that they are effectively advertising for you.

Don’t be the business to regret not taking action sooner. Investing in guest Wi-Fi can give your business a competitive edge in the hair industry. It will help you to attract new customers while also strengthening the relationship with existing ones, and all this works towards improving profit levels.

Best practises for anyone offering free Wi-Fi at their business

There are many benefits to gain by offering free Wi-Fi at your business. Firstly, this is something an increasing number of customers are demanding, and thus you will be able to gain a competitive edge by investing in guest Wi-Fi now. Leave it any longer, and you will find yourself falling behind the competition. Not only will you attract new customers and increase customer retention levels, but also you can get a better understanding of your consumers, and you can increase your profit levels too. But, you will only do this if you know how to make the most of your guest Wi-Fi solution. So, continue reading to discover the practises you need to follow.

Customise your landing page

Your landing page is the digital equivalent of your shop window. It presents you with the opportunity to make an initial impression on the consumer. Therefore, you need to use it to brand your business to full effect. You should include your company’s logo, as well as anything else you feel is going to be compelling, for example, information about your business or a voucher code for all connected customers to take advantage of.

Cater to your customers needs

Offering free Wi-Fi is one thing, but you need to make sure that it is of a high quality; that is reliable, convenient, and fast. This is even more important in the likes of libraries, cafes, coffee shops, and anywhere else where people will bring bigger devices, such as laptops, to do work. Even still, speed is vital no matter what type of business you run. Let’s say you own a clothes store – no one wants to have to wait ten minutes to send a picture of themselves while trying something on in the changing room to see what their friends think!

Provide social login

Giving customers the opportunity to connect to the Internet via their Facebook or Twitter account is advised. Most people have a social media account already connected to their smartphone. So, if you allow them to login in this manner, you are enhancing convenience by a significant degree and making it easier for them to connect to your Wi-Fi. This enhances the experience, and you can also encourage them to like your Facebook page or follow your Twitter account.

Extract insightful data

You are able to gain valuable insights about your connected customers when you have Guest Wi-Fi in place, and this is something you simply must take advantage of. You can use the information to target your campaign more effectively, sending special offers and notifications that are most likely to appeal to the person in question so you can increase your chances of making a sale.

Make it known

Let people that walk past your business know that you offer free Wi-Fi inside. A large proportion of people now consider whether a business provides guest Wi-Fi or not when they choose where to shop or grab a bite to eat. This is a great way of attracting more people inside of your venue.

Five Wi-Fi Security Practises You Need To Adopt In 2016

All businesses require Wi-Fi in some shape or form; from offering free Wi-Fi for customer use, to managing appointments online, to storing important files on stock and such like. However, are you certain that you are using your Wi-Fi network securely?

Let 2016 be the year that you sharpen up your Wi-Fi security practises. After all, you don’t want to put yourself at risk of getting breached or getting onto the wrong side of the law for failing to be compliant. A lot of businesses are doing this without even realising it. With that being said, read on to discover some of the key things you need to be doing this year:

Use a sophisticated firewall – You need to have a firewall in place for end-to-end protection. However, don’t just choose any old firewall, as some do not have the capacity to offer the level of security your business needs. Make sure you select a sophisticated solution.

Do not broadcast the name of your wireless network – The SSID, which is the name of your wireless network, should never be broadcasted. Moreover, you should make it a name that is not easy to guess. There are many business owners that choose the name of their company – this is not advised.

Keep your anti-virus software up to date – There are many companies that download anti-virus software and then simply forget about it. However, if your software is not up to date, then it is not going to be effective in keeping the likes of Trojans, worms, and viruses out. So, update your software whenever prompted – don’t keep putting it off.

Use two-factor authentication – Nowadays, a password is no longer enough. You need to use two-factor authentication for everything that is stored on your network. This involves adding another layer of security; for example, once someone has entered his or her password you can then request that they enter their mobile number, a code will be sent to their phone and they will need to input this. The problem with passwords is that they are often easy to guess and people are not always responsible in keeping them a secret. However, you still need to brief your employees about using strong passwords and protecting themselves online.

Use encryption – This is a must. You need to encrypt all confidential data, including passwords, payment information, and any other data that is sensitive to your business. Encryption essentially turns all of your data into a language that cannot be read. However, you should avoid using WEP, as cyber criminals can easily crack this. Instead, make use of Wi-Fi protected access, i.e. WPA and WPA2.

So there you have it; five basic yet essential security practises that all businesses need to adopt this year. It doesn’t matter what you use your Wi-Fi network for, you need to do all in your power to protect yourself from a breach.