Ransomware is the newest threat to emerge against electronic protected health information (ePHI). Oxford Dictionaries defines ransomware as "a type of malicious software designed to block access to a computer system until a sum of money is paid". Crypto ransomware will encrypt data and locker ransomware prevents users from being able to access the information; either way, access to important data is denied and healthcare operations are interrupted. In several recent healthcare scenarios, including Hollywood Presbyterian Medical Center, a ransom in bitcoin has been demanded. Bitcoin is "a type of digital currency that uses state-of-the-art cryptography, can be issued in any fractional denomination, and has a decentralized distribution system" which is often preferred by hackers due to its anonymity compared to centralized banking.
As the old saying goes - "an ounce of prevention is worth a pound of cure". There are many ways that a practice can protect their health data and it begins with prevention. As with most security efforts, a multi-layered approach is often the most effective.
Encrypt ePHI at rest.
Backup your health data regularly on an off-network device.
Technical controls for prevention.
Train staff to be cautious of suspicious email attachments and inappropriate websites.
Ensure that endpoint protection systems are properly installed and configured on devices with access to ePHI.
Keep your operating system and software applications patched.
Remove an infected system from your network immediately.
Ideally, do not pay the ransom.
Click HERE for more detailed information about protecting your health data.
Contact the HCCN Grant Project Team
Contact Terri to request access to the Connections Resource Site, to request access to Virtual Lecture Hall, or to share information for a future Member Update.
Contact Trish for MU, HIPAA, or HIT assistance.
Feel free to contact any member of the KAMU HCCN Grant Project Team below for assistance with project activities.
Health Center Connections is a health center controlled network organized and supported by KAMU. Current funding for Connections is through Health Resources and Services Administration (HRSA) HCCN Funding Opportunity HRSA-13-237.
