The FBI has warned that there is an expected wave of attacks on the United States healthcare system.
We can help your practice stay on top of the latest healthcare news, rules, regulations and trends. Subscribe to stay current and up to date on important matters that will impact your practice. (To subscribe to our blog click here).
The attack involves ransomware called Ryuk, which scrambles data until a ransom is paid. It has already impacted multiple hospitals in the U.S. but could attack many more.
Ransomware has even resulted in a fatality in Germany, when a system failure forced a critically-ill patient to be rerouted.
Hackers are taking advantage of the pandemic, since many healthcare entities quickly expanded their telehealth, work from home policies, EHR capabilities, and internet medical devices. Moving quickly meant that many devices and capabilities did not have adequate protection.
Ransomware has caused some healthcare entities to shut their doors for good, while others were closed temporarily. Some resorted to paper charts to be able to continue care.
While ransomware can be debilitating to your practice, there are additional concerns. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has warned victims to contact OFAC immediately when faced with ransomware. OFAC may impose penalties for sanctions violations when a U.S. person engages in a transaction with an entity or person covered by an embargo or that violates the International Emergency Economic Powers Act. (See guidance HERE).
If you’re not prepared, now is the time to act.
Make sure that you have backup systems in place and that your staff is trained to act quickly to mitigate damages. Check that your firewalls are in place and all your cybersecurity is up to date. Penetration testing can help to assess the strength of your cybersecurity.
When was your Risk Assessment last updated? Make sure that your policies and procedures are current and that you are aware of all vulnerabilities.
Do you have cyber insurance? Make sure to review your policy and make sure that you have adequate coverage. If you don’t have coverage, you may want to research coverage.
If your practice gets hit with ransomware, contact a healthcare attorney right away.
If you need help with protecting your practice, contact Rickard & Associates today.
In our next blog post, we will keep you informed of related issues. To get this important information delivered directly to your mail box, click here to Subscribe.
Do you need help staying current and compliant with the latest laws, rules and regulations? We can help. To contact us about your new government rules and regulations, your practice’s risk assessment, or about your other legal needs: CLICK HERE.