Being a counsellor or psychotherapist comes with a legal and ethical duty to protect the privacy of clients. A cybersecurity attack can expose clients to financial harm, fraud and even physical danger.
There are multiple ways you can be targeted by a cyberattack, so read on for advice on the best ways to arm yourself against them.
Ensure safe remote access
The records you keep must be accessible as well as secure. Storing records on a single computer is not a safe approach to take because if you run into a technical glitch or your equipment fails, you could lose the files for good. Therefore, you should back them up using secure cloud storage.
Do not email personal information about clients to yourself or anyone else as a backup because the platform may have insufficient capabilities to protect the information from snoopers.
Make sure you’re covered
Tight cybersecurity is crucial. While you will want to be as careful as you can regarding how you store client data, it’s important to get an insurance policy that covers cybercrime just in case.
You can obtain counsellors’ insurance that reduces the need for multiple separate policies through the optional extras you can add – including cyber insurance.
Be wary of email scams
There’s nothing new about the concept of email scams, but the tactics used by the culprits are constantly evolving. It’s important to stay up to date on the latest tricks so that you don’t get caught off-guard.
Phishing attacks are particularly notorious. These involve a cybercriminal masquerading as a reputable source and trying to influence you to click on a link or attachment from an email so they can obtain sensitive data or install malware on your computer.
Scammers often use recent events as the topics for email scams, so they can catch people where they’re most vulnerable. Always stop and question whether it is legitimate and investigate the email address closely. Don’t click on any links or attachments until you’re sure the email has come from a legitimate source.
If you receive a phishing email, you can report it to the National Cyber Security Centre.
Ensure all personal data is encrypted
It’s also important to make sure that you encrypt sensitive client data. Encryption is essential for internet security. It conceals information by scrambling it so that it appears to be random.
You could use an encrypted email address through Proton, as most providers do not provide an adequate level of encryption. Some cloud storage systems offer encryption on the server side, but you can also encrypt data via programs like Tink before uploading it to add an extra layer of protection.
Manage your passwords carefully
Using randomised, hard-to-guess passwords is essential to cybersecurity. Never use words or numbers that are of personal significance to you, such as names or birthdays.
It can be tempting to use the same password for everything. But if you use a reliable password manager, it’s possible to use secure, unique passwords and still log in to sites with speed and efficiency.
Avoid public Wi-Fi networks
Using a secure internet connection is one of the most fundamental steps you can take to ensure data is secure.
You might want to work from public locations occasionally if you provide teletherapy, but public Wi-Fi is notoriously insecure and shouldn’t be used.
It’s advisable to use a VPN to encrypt your entire online presence as you browse the web. This means you can connect to a server that anonymises your identity.
Free VPN services do not tend to offer the right level of protection. Always research which VPN providers are reputable and best suited to your needs beforehand.
It’s also worth noting that you’ll still need to use reliable antivirus software. If a virus were to make it onto your system despite the presence of a VPN, you need to be prepared to deal with it straight away.