Imagine the following frightening scenario:
You try to log into your patient database and find that you are locked out. In your email is a message from someone claiming to have access to the database and all of the PHI contained within it. The message says that they will give you back your database access, but only if you pay them $250,000.
Would you pay the ransom?
Today we no longer face a simple threat of data misuse. Increasingly, hackers are demanding ransoms to restore access to data.
Many practices and hospitals have been choosing to pay the ransom, but they should not give in to hackers.
Why not?
- Other hackers will learn that you have a reputation for paying;
- Your patients and vendors will find out and will likely be upset;
- You might have problems with future business dealings in the industry.
If you discover a hacker is holding your data hostage and demanding a ransom, inform law enforcement immediately.
Many breaches go unreported to law enforcement, and the FBI wants to know more about breaches to increase cybersecurity protections.
The best thing to do is to have a breach readiness plan in place.
Know how your practice will respond in the event of a breach. Prepare your practice by installing firewalls and encryption software and by keeping ample backups. Make sure you have a comprehensive compliance plan that includes HIPAA breach prevention and reporting policies and procedures.
Additionally, it is essential that you train your staff to follow the guidelines in your HIPAA Compliance Plan. Be sure that your employees know exactly what to do if a breach occurs, and how to appropriately report misconduct. Further, make sure that you have trained your employees well enough that their errors do not lead to system weaknesses or potential breaches.
We can help you create and implement a comprehensive HIPAA Compliance Plan, including the development of employee training programs. Call us today!
P.S. If you or your patients are interested in consumer healthcare issues, check out myhealthspin.com.