A couple of times this year, we have written about “ransomware” and the threats it poses to all healthcare providers. Some of the behavioral health providers we serve do not realize that this trend is a threat to them and their patients and the Protected Health Information (PHI) they house on behalf of those patients.
Apparently, the Office of the National Coordinator for Health IT (ONC), the Office for Civil Rights (OCR), and the Department of Health and Human Services are also concerned about this new trend.
On July 11, 2016 OCR published a Fact Sheet on Ransomware and HIPAA. If you have computers in your office that are connected to the Internet, we strongly recommend that you take a look at this Guidance. OCR did a thorough job of discussing “ransomware” and its implications for you.
Don’t bury your head in the sand about these threats. You need to understand how they pertain to you, what you should be doing on a regular basis to prevent such intrusions, and whether your current HIPAA procedures are enough.
Anyone willing to share an experience with “ransomware”? Please share your comments below.