Changes in the HealthyPractice team, sick leave changes & cyber security

Changes in the HealthyPractice team.

We’re really pleased to welcome Bryce Pullan to the team as a Business Adviser, he will be working with us on Monday and Tuesday. Like all of the team Bryce has been with MAS for some time and is looking forward to supporting Members and their practices.

Bryce joining us, has allowed Chris to achieve her dream of a four-day working week, Tuesday to Friday and Chris is very much enjoying her three-day weekends.

Emailing us your queries to business@mas.co.nz generally means we can respond the same day especially if you send before midday. If your query is urgent just let us know in your email subject line or call 0800 800 627 and ask for the HealthyPractice team.

Increase to sick leave entitlements

The expected increase to sick leave entitlements was passed through Parliament last week. The changes will come into effect on the 24 July.  Employees will get an extra 5 days per year either after reaching 6 months employment or on their sick leave entitlement anniversary (12 months after they were last entitled to sick leave).  We have updated our content and will update our employment agreements prior to the changes being implemented.

Cybersecurity

We have been reminded in the last fortnight that New Zealand is not immune from cyber-attacks. Last year, NZX was attacked over the course of several days, and trading had to be suspended until the problem was resolved. Waikato DHB has now become a victim of one of these attacks, with their information being held for over a week with the threat of releasing individuals’ information on the dark web unless a ransom is paid.  It has been reported that attack occurred after an employee clicked on an email attachment.

As well as the disruption to normal business as usual, those attacks carry a significant cost in terms of reputational damage, and the technical expertise required to investigate the attacks and secure the IT systems affected.

 Keep yourself and your colleagues safe

Regardless of your practice’s budget for cybersecurity, there are some basic things you can do right now to keep yourself and your colleagues safe from cyber-crime, and to protect your patients’ information.

1. Train your staff

Your staff are your one of your first lines of defence, provide on-going training that enables your staff to recognise potential risks e.g. phishing emails

2. Take your passwords seriously

Put simply, you need strong passwords, and you need to change them regularly. It might be convenient to use “password” for everything but you’re putting yourself at severe risk. Ideally, your passwords should have a mixture of lower- and upper-case letters, numbers, and special characters.

Once you have a strong password, you should avoid using it for all your devices and applications and aim to update it every few months. If you’re finding it difficult to keep track of everything, a password manager is a good idea – it’s effectively a vault for all your passwords.

3. Check your privacy settings

Know and control who can see your information. It might seem harmless to share pictures of friends and family gathered at special occasions but remember that the more you share, and the more identifiable everyone is, the more data you’re potentially providing cyber criminals.

Check the privacy settings on your social media accounts so that only friends and family can see your full details. Unlike or Unfollow social media pages and leave groups that you no longer have an interest in.

The basic principle is to give out as little information as possible when you’re online, particularly when you’re signing up for what are marketed as ‘free’ services or apps.

4. Stay on top of all the relevant software updates

Keep up to date with any software updates that are issued for your phone, computer, or IT system. Not only do those updates improve the usability of your system, but they also contain regular security upgrades to patch any flaws.

5. Use two-factor authentication

Two factor authentication (2FA) is a way of double-checking someone is who they say they are when they try to login to a system. So, as well as providing their username and password, they will often be asked to enter a special code that is texted to their phone.

You can add 2FA to all sorts of things but it’s essential on systems like email or accounting software.

These are a few basic tips to get you started but cybersecurity is something you need to take seriously. For more information, check out the resources at www.cert.govt.nz.

MAS Senior System Support Administrator Sydney Kanda says there are ten things business owners can do to make their networks harder to attack, and you can read his tips at this link https://www.mas.co.nz/hub/ten-ways-to-protect-your-business-from-cybercrime/

Find out about cyber insurance to provide assistance should the worst happen.