A couple of times this year, we have written about “ransomware” and the threats it poses to all healthcare providers. Some of the behavioral health providers we serve do not realize that this trend is a threat to them and their patients and the Protected Health Information (PHI) they house on behalf of those patients.
Apparently, the Office of the National Coordinator for Health IT (ONC), the Office for Civil Rights (OCR), and the Department of Health and Human Services are also concerned about this new trend.
On July 11, 2016 OCR published a Fact Sheet on Ransomware and HIPAA. If you have computers in your office that are connected to the Internet, we strongly recommend that you take a look at this Guidance. OCR did a thorough job of discussing “ransomware” and its implications for you.
Don’t bury your head in the sand about these threats. You need to understand how they pertain to you, what you should be doing on a regular basis to prevent such intrusions, and whether your current HIPAA procedures are enough.
Anyone willing to share an experience with “ransomware”? Please share your comments below.
Jeannine says:
My home computer data was taken by ransomware. By the time I got it to the computer consultant, it was too late. I’m not sure I would have paid the ransome anyway.
Kathy says:
Sometimes, I think we protect our home or personal computers less well than our business machines. I guess that is good in some ways…but I hate to think about the personal things you had on your machine that you have lost. Do you mind sharing how you got the ransomware. It might help some of us avoid it!