- Healthcare organizations' computer networks are 114 times more likely to suffer ransomware attacks than those at financial institutions, and 21 times more likely than those at schools and universities, CSO reports.
- The sobering statistic surfaced in a new report by security firm Solutionary, which saw healthcare account for 88% of ransomware infections in the first six months of 2016 despite healthcare making up just 7.4% of its client base.
- In early July, the Office for Civil Rights at HHS (US Department of Health & Human Services) issued draft guidance to help healthcare organizations tackle ransomware threats head on. The guidance reinforces HIPAA-required activities that organizations can use to prevent, detect, contain, and respond to threats.
“The most important steps in protecting your company’s and your customers’ data from the growing malicious ransomware onslaught are ensuring that you have a robust backup and recovery process, and that your security software is up-to-date and able to detect the most recent ransomware variants,” Rob Kraus, director of research for Solutionary’s SER team, said in a statement. “As the threat continues to evolve, it will be crucial for organizations to have defined incident-response procedures and proper detective and preventive controls in place to reduce ransomware’s impact.”
Many of the data breaches that healthcare organizations have experienced in 2016 have been due to ransomware. Hollywood Presbyterian Medical Center in California, for instance, was locked out of its EHR for a week. Providers were forced to revert to pen and paper until the decision was made to pay hackers $17,000.
PalmTech can assist with the protection of your company and client data. Our skilled security team will assess your network to determine any vulnerabilities that may exist, then work out a plan to secure those entry points or weaknesses. In addition, if necessary, we will help ensure you are following the required HIPAA regulations.
Keep in mind - even if you don’t fall under the “medical facility” category, you are STILL required to follow HIPAA guidelines if your company handles protected health information (PHI). For instance, legal firms, insurance companies, chiropractors, schools, nonprofit organizations, and optometrists are a few types of businesses that must be HIPAA compliant.
Call us at (561)969-1616 or email us at [email protected] to discuss.