Guidance on Ransom-ware Attacks

Top 10 List to Protecting Yourself from Ransomware

In July, 2016 the Department of Health and Human Services Office of Civil Rights issued guidance intended to help healthcare entities understand and respond to ransom-ware attacks.

ransom ware touchscreen is operated by businessman.

Ransom-ware is a type of malware that denies a user’s access to its electronic data by encrypting the data with a “key” known only to the perpetrating hacker.  After the malware is deployed, the hacker demands that the user pay a ransom (often the request is made in cryptocurrency, such as Bitcoin, to preserve the hacker’s anonymity) to obtain the key and decrypt the data.  However, there are no guarantees that once the ransom is paid will the hacker provide the necessary key.

According to the report issued, there have been 4,000 daily ransom-ware attacks since early 2016 (a 300% increase over the 1,000 daily ransom-ware attacks reported in 2015).  Doesn’t that seem incredible? Why would these people target businesses such as yours?  Here are some thoughts:

  • They know it’s where the money is
  • They know that they can cause some major business disruption, which will put you in a very vulnerable position
  • Because through the business their dirty deeds reach a more extensive system – networks of computers, and cloud-based systems may be impacted
  • Because small business, especially healthcare providers, are often not well prepared to deal with these types of cyber attacks

After reading the HHS report, I set out to build a checklist that would help prevent this from happening to me and you, my client.  Here is my “Top 10 List to Protecting Yourself from Ransom-ware”:

  1. Back-up your data and make sure it works!  Having a couple of backups may even be a good idea – using an external drive that is removed from your office and using a cloud-based back-up system.  Side-note: Whatever backup system you may use for Protected Patient Information be sure it is HIPAA compliant and that it follows security management process described in your policies.
  2. Keep your computer operating system up to date.  New updates are issued often that contain fixes to security issues.  The same is true for the software you use – check for updates often.
  3. Use extreme caution when you are on-line and using the Internet.  Know your sites and stay away from any pop-up ad campaigns.
  4. Never open spam mail or mail from unknown senders.  If the subject line of the e-mail I receive is empty, or, if the e-mail looks even somewhat suspicious, it gets the “shift-delete” treatment.  It doesn’t even get a chance to reside in my trash bin.
  5. Use caution when downloading files, opening files, or clicking on hyperlinks – know your sources!  If you ever do open a suspicious file by mistake, shut off your Internet connection.
  6. Have security software installed and keep your subscription up to date.  One the best ways to protect against a virus is to have defenses in place to ensure you never receive any in the first place.
  7. Keep your system locked down when you are not using it and never share your password with another user.  And, I hate to say it – don’t keep your password on a sticky note placed on your computer (yes, I see this frequently).
  8. Keep your employees privileges locked down on your network.  Make it difficult for them to do their on-line shopping, visiting unknown websites, or social media sites on your business computer.
  9. Don’t let your children or grandchildren on your computer – I’m serious! Over the years I have tried to fix more computer problems as a result of kids games and files they download.  Give them their own gaming or computer system and keep them off your computer.
  10. Don’t pay the ransom. Even if we follow the above checklist, it’s possible we could find ourselves subject to a cyber-criminal.  Paying the criminal only puts you in a position of being a repeat customer.

Computers have become an integral part of the way in which we do business today.  I find myself being in a love, hate relationship.  I love the efficiencies and conveniences they provide.   I hate the damage they can cause to relationships, work / family time, and our pocket-book.  I’m probably not going to eliminate technology from my life any time soon.  In fact, my use will likely only increase with time – so, I guess it just makes sense to be smart in the way in which we use them.  Hopefully, this checklist will help us both in making life with them just a little better and little safer.

If you are interested in receiving a copy of the HHS report,  go to http://mikeldevries.com/HHSReport for a pdf copy.

Mike DeVries is a CERTIFIED FINANCIAL PLANNER ™, Enrolled Agent,  and a Certified Healthcare Business Consultant focusing on helping healthcare professionals. If you would like to learn more about becoming a client, contact Mike at www.vmde.com.

A Budget – Personal Financial Management

Financial Planning Steps that Put you in Control

Today we are living in an uncertain economy.  There is talk of changing and increasing taxes, of a failing Social Security system and of skyrocketing educational costs.  Given the various financial uncertainties, it is more important than ever for you to apply financial planning principles to your personal life.  Budgeting is one of these key principles.

Budget Financial Planning

The majority of American households are in significant debt.  According to a study in Time Magazine – May, 2016, the average American household has total debt of $90,000, which includes households that live debt free.  The average households with debt owes more than $130,000.  This debt burden is costing the average household more than $6,600 in interest per year – about 9% of the average income.

Many do not have a budget and as a result most households have no idea where they spent their money last year.  A personal budget can provide this information and can help you take control of your financial life.

Don’t be Fooled by Fake IRS Communications

5 things you should know about phishing scams

Be aware that fraudsters are trying everything they can to obtain your personal or business financial information.  I received a call from a doctor client who indicated that she received an e-mail from the IRS stating that they were due a refund for taxes paid.  The e-mail looks legitimate as even indicates an official looking reply to address – office@irs.gov.  The body of the email states the following:

Phishing Scam Warning Sign

Review Your Interest Rates

4 things to check if you refinance your adjustable rate loan

Interest rates have been low over the past many years, which has been most advantageous for utilizing adjustable rate loans. Experts say that interest rates will be on the rise this year – an easy prediction given where rates are currently; how can you go wrong? A better prediction would encompass how quickly the interest rates will they rise? I figure why take a chance; why wait?

Interest Rates

4 Tax Planning Tips & Ways to Avoid Tax Scams [Podcast]

Play
Tax form operating budget and stopwatch in closeup

Don’t Wait – The Time to Start Tax Planning is Now

Episode 009

Doctors Business Management Show

If you Like the Show, Encourage Us with Your Support

Focus

In this episode, Mike DeVries & Co-Host, Ben Lane discuss 4 Tax Planning Tips that you can do now and through-out the year as well as Ways to Avoid Tax Scams.  The following are notes based upon our discussion.

4 Tax Planning Tips

  1. Don’t Wait – Start Organizing Now
    • Use a Simple Tax Folder to organize your information during the year
      (I purchased this one from Amazon – Tax Folder)
    • Track your financial activity with computer software
      • I use Quicken – Click Here – (I use an older Mac Version)
      • Ben likes Mint – Click Here
      • Or, simply use a spreadsheet program like Excel
      • Use a system, even if it is a manual system
  2. Prepare a Life Inventory
    • Click Here – for a copy of my “Life Inventory” Worksheet
  3. Prepare a Personal Financial Statement
  4. Schedule a Date with your Tax Preparer
    • Be proactive in reviewing your tax estimates through-out the year

Ways to Avoid Tax Scams

  1. Fraudulent Phone Calls
    • IRS will contact you by correspondence first
    • IRS will not ask you to use a credit card
    • IRS will not threaten you with an arrest by the local police department
    • Treasury Inspector General’s Hotline 1-800-366-4484 Website http://www.treasury.gov/tigta/
  2. Phishing Scams
    • Don’t click on suspicious links
    • Keep your passwords updated
  3. ID-Theft and Fraudulent Returns
Itunes

Here are some options for listening to this Podcast:

  1. Click on the Play Button above and listen now
  2. Click on the “Play in New Window” link above so that you can listen and continue to use your current web browser
  3. Click on the “Download” link above to download and store the mp3 file enabling you to listen to the content later
  4. Subscribe to the Podcast on iTunes so that future shows are automatically ready to listen to when they are published – Click Here to Subscribe

Mike DeVries is a CERTIFIED FINANCIAL PLANNER ™, Enrolled Agent,  and a Certified Healthcare Business Consultant focusing on helping healthcare professionals. If you would like to learn more about becoming a client, contact Mike at www.vmde.com.

Tax Savings Moves for the rest of 2014

Tax Cut

Year-end tax planning for 2014 is particularly challenging because Congress has yet acted on a host of tax breaks that expired at the end of 2013. It is uncertain at this time whether the extender provisions will be extended by Congress on a permanent or temporary basis (and whether any such extension would be made retroactive). These extender provisions may be dealt with as part of a broader tax reform effort, be examined on an individual basis as opposed to as part of the traditionally passed ”extenders package,” or simply allowed to remain expired. These tax breaks include the following:

For Individuals

  1. An option to deduct state and local sales and use taxes instead of state and local income taxes
  2. An above-the-line-deduction for qualified higher education expenses
  3. The use of tax-free IRA distributions for charitable purposes by those age 70-1/2 or older
  4. The exclusion for up-to-$2 million of mortgage debt forgiveness on a principal residence

Our doctor clients that are retired may find numbers one and three above to have some impact on their planning, but for most other doctors these individual provisions will have no impact on their personal returns.

For Businesses

  1. 50% bonus first year depreciation for most new machinery, equipment and software – Expired
  2. $500,000 annual expensing limitation – Reduced back to $25,000 limit
  3. Research tax credit – Expired
  4. 15-year write-off for qualified leasehold improvement property – Expired

Our healthcare business clients may find numbers 1, 2 and 4 to have an impact on their tax planning this year.  In the past several years these tax provisions have been extended; however, this year an “extender package” may not be available.

Tax planning towards the end of this year will take on the same time-honored approach of deferring income and accelerating expenses to  minimize your 2014 income taxes.

First of all, we will want to keep an eye on the suspended Business tax deductions noted above. If these regulations are reinstated for 2014, taking advantage of the accelerated depreciation or election to expense more than $25,000 of capital purchases will be worth considering.

Effective year-end tax planning should take account of each doctor’s particular situation and planning goals, with the aim of minimizing taxes to the greatest extent possible. Doctors are often taxed in higher tax brackets –  the 39.6% top tax bracket, the 20% tax rate on long-term capital gains and qualified dividends for taxpayers taxed at a rate of 39.6% on ordinary income, the phaseout of itemized deductions and personal exemptions when income is over specified thresholds, and the 3.8% surtax (Medicare contribution tax) on net investment income for taxpayers whose income exceeds specified thresholds (which are lower than the thresholds at which the phase-out of itemized deductions and personal exemptions begins). So, while many doctors may come out ahead by following the traditional approach (deferring income and accelerating deductions), others, who might be in lower tax brackets or have special circumstances, may benefit from considering accelerating income and deferring deductions. Most traditional techniques for deferring income and accelerating expenses can be reversed to achieve the opposite effect.

The following are a few examples of year-end tax strategies and planning to consider:

  • If you are operating your business as an S-Corporation, give consideration to maximizing the pass-through income and then distribute the money as a dividend.  You should take caution to setting this dividend too high for various reasons, but moving in this direction makes sense today.  Dividends received through your S-Corporation will be taxed as ordinary income, but you will save money on payroll taxes and surtaxes that may apply.
  • Many doctors experienced losses in their investment portfolios several years ago when they sold out during a down-turn of the market and are carrying over their losses each year due to limits on deducting the overall loss.  If your current portfolio has experienced gains, give consideration to selling your investment at a gain that can be off-set with prior year losses that are being carried forward from year to year.  If you like the investment, you can always re-purchase, which will then establish a new basis for a sale down the road.  Just keep in mind, that you can’t sell and investment at a loss and then repurchase the investment and still take the loss due to what is called “wash-sale” rules.
  • Historically, you may have taken the approach of delaying your billing so that you can move income into the next year.  While this might make some sense from the tax viewpoint, I’m not in favor of this from a business standpoint – especially, for my healthcare businesses.  Working and maintaining your accounts receivable trumps taxes, in my opinion (see 5 Actions Steps for Optimizing Your Collections).  Accelerating your expenses at year-end still makes for good tax planning.  Take advantage of year-end sales from your clinical and office suppliers.  Pay for these supplies and other invoices prior to December 31st.  If you expect that your cash flow will improve in January (it often doesn’t, however), you can put the costs on a business credit card.  For cash basis taxpayers, an expense charged on a credit card is considered as though you actually paid for the item when you charge it on the card.  Keep in mind, that you need to have a business credit card – doctors that put the expense on their personal do not receive a business deduction until the business reimburses the cost to the doctor.
  • Over the years of working with doctors, I have seen life-circumstances have impact on my clients and their business.  Changes in a doctor’s tax status due, say, to divorce, marriage, or loss of head of household status should be considered.  For example, if your 2014 tax filling will be as “Head of Household”, and then the following year will be “Single” it may be wise to accelerate your income into 2014 to take advantage of the “Head of Household” filing.  Certain widows or widowers whose spouses died will need to look at the impact of filing a joint return versus filing as a single taxpayer in years following the loss of their spouse.  And, reviewing your tax situation in the year you plan to be married is also something to be considered.
  • Doctors who are trying to save money for their retirement should give consideration to funding an IRA in coordination with their typical qualified retirement plans that they have at the office.  Utilizing this approach to savings allows for options of either deferring the earnings until retirement or potentially converting the IRA to a Roth IRA, which currently holds favorable tax status. For more information on this discussion, see Consider Converting Your Traditional IRA to a Roth IRA.
  • Be on the look out for Alternative Minimum Tax (AMT).  I find this affecting doctors more today than ever before.  While you may not be able to keep it from impacting your tax return, you can try to minimize the effect.  If you are subject to AMT, be sure to review the deductions that are causing it to occur in your situation.  You may be able to time your expenses from year to year that will help minimize the impact of AMT.
  • Finally, being charitable with your money can provide you with tax savings. There are many ways in which you can spread the love to your favorite charity – simply writing a check is one way, but beginning in 2014, again, your itemized deduction may be subjected to a partial phase-out based upon your income.  You might consider supporting your charity through your business by advertising with them at a fund-raising function.  This would move the deduction from your personal return to your business return, which will ultimately reduce your available income that you would receive from the business and taxed personally.  This action would take planning, especially if you are in a group practice.  Another option for being charitable is to gift appreciated assets.  Recently, I had a doctor gift a rare Civil War document to a museum that he acquired.  This will turn out to be a great deduction in his situation.

Attempting to limit your tax exposure takes planning.  And, that planning doesn’t occur just when you file your taxes in early 2015 – it happens through-out the year.  Doctors that invest their time with their tax advisors during the year will move in the right direction for saving taxes when they ultimately have their tax advisor file their return.

Mike DeVries is a CERTIFIED FINANCIAL PLANNER ™, Enrolled Agent,  and a Certified Healthcare Business Consultant focusing on helping healthcare professionals. If you would like to learn more about becoming a client, contact Mike at www.vmde.com.