Can your practice be held for ransom?

The Advocacy Council recently became aware of two allergy practices that were victims of ransomware attacks. It is tempting to think of this as a risk only for practices that use electronic health records, but in both cases the attackers got in when staff opened deceptive emails, and the practices had to pay ransoms to regain access to their billing systems.

Ransomware is malicious software that encrypts files, or otherwise blocks access to them, and demands payment to restore access. The most common entry point is an email whose attachment or link a staff member opens. As practices have come to depend on computers for scheduling, billing and records, health care organizations of all sizes have become more exposed.

The ransom is demanded in exchange for a decryption key that supposedly unlocks the data. About 65% of victims pay (amounts vary from a few hundred to a few thousand dollars), but paying does not guarantee that the data or files can or will be restored. Make routine backups, preferably to an off-site location, and work with an organization experienced in restoring data. A common misconception is that data can always be restored from a backup. Ransomware also encrypts any backup it can reach, such as a backup drive or network share that stays connected to an infected workstation, so keep at least one copy offline or otherwise out of reach, and test that it actually restores.
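The "backup may have been infected too" caveat is easy to check for in practice: record a hash of every file when the backup is taken, keep that manifest somewhere the backup host cannot overwrite, and verify the backup against it before relying on it for a restore. The script below is an added illustration, not code from the article or the Advocacy Council; the file names, the toy XOR "encryption" and the ransom-note file name are constructed to simulate a ransomware run over a still-connected backup share.

```python
"""Backup integrity manifest: hash every file when the backup is taken, store the
manifest somewhere the backup host cannot overwrite, and re-verify before a restore.
Added example (not from the original article); standard library only."""
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large database dumps need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(backup_dir: Path) -> dict[str, str]:
    """Map each file's path (relative to the backup root) to its SHA-256 digest."""
    return {
        path.relative_to(backup_dir).as_posix(): sha256_file(path)
        for path in sorted(backup_dir.rglob("*"))
        if path.is_file()
    }


def verify_backup(backup_dir: Path, manifest: dict[str, str]) -> dict[str, list[str]]:
    """Compare the backup on disk against the manifest recorded when it was taken.

    modified:   same name, different content (encrypted in place)
    missing:    recorded file no longer present (renamed or deleted)
    unexpected: file not in the manifest (ransom notes, *.locked copies)
    """
    current = build_manifest(backup_dir)
    return {
        "modified": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        "missing": sorted(k for k in manifest if k not in current),
        "unexpected": sorted(k for k in current if k not in manifest),
    }


def demo() -> dict[str, dict[str, list[str]]]:
    """Constructed scenario: a clean backup, then a simulated ransomware run over the
    backup share (one file encrypted in place, one renamed, one ransom note dropped)."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = Path(tmp) / "backup"
        (backup / "billing").mkdir(parents=True)
        (backup / "billing" / "claims_2023.csv").write_text("claim_id,amount\n1001,250.00\n")
        (backup / "billing" / "patients.db").write_bytes(b"SQLite format 3\x00" + b"\x00" * 64)

        manifest = build_manifest(backup)        # in real use: written to offline/WORM storage
        clean = verify_backup(backup, manifest)  # fresh backup: nothing to report

        # Simulated ransomware reaching the still-connected backup share (constructed).
        claims = backup / "billing" / "claims_2023.csv"
        claims.write_bytes(bytes(b ^ 0x5A for b in claims.read_bytes()))  # toy XOR "encryption"
        db = backup / "billing" / "patients.db"
        db.rename(db.with_name(db.name + ".locked"))
        (backup / "README_TO_DECRYPT.txt").write_text("Your files are encrypted.\n")

        after = verify_backup(backup, manifest)
        return {"clean": clean, "after": after}


if __name__ == "__main__":
    for stage, report in demo().items():
        print(stage, report)
```

The check only helps if the manifest lives where the infected machine cannot rewrite it (removable media, a write-once bucket, or the backup provider's side); a manifest stored next to the backup would simply be encrypted along with it.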

Tips to protect your data:

  1. Educate employees about the dangers of clicking links or opening attachments in emails from unknown sources or websites. Use common sense: if something looks suspicious, it most likely is. Don’t open it!
  2. Keep software and hardware up to date on all servers and workstations, including firewalls, email servers, routers and anti-virus programs.
  3. Ensure critical systems are backed up, and confirm that the backups can actually be restored.
  4. Block access to personal email accounts (such as Gmail, Yahoo) on workstations. Employees can check personal email on their smartphones instead.
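Tip 1 relies on people, and the article's own examples show that a convincing email gets through. A complementary technical control is to screen inbound attachments before they reach the inbox and hold the kinds ransomware typically arrives in: executables and scripts, macro-enabled Office files, archives, and "double extension" names such as invoice.pdf.exe. The script below is an added illustration, not code from the article or the Advocacy Council; the extension lists are illustrative assumptions rather than a complete list, and the sample message, its addresses and attachment names are constructed.

```python
"""Screen an inbound message for attachment types commonly used to deliver ransomware.
Added example (not from the original article); standard library only. The extension
sets are illustrative assumptions, not a complete or authoritative list."""
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Extensions that run code when opened; there is no reason for these to arrive at a practice.
EXECUTABLE_EXT = {".exe", ".scr", ".js", ".jse", ".vbs", ".vbe", ".wsf", ".bat", ".cmd",
                  ".ps1", ".hta", ".lnk", ".iso", ".img"}
# Macro-enabled Office formats: a classic dropper ("enable content to view this document").
MACRO_EXT = {".docm", ".xlsm", ".pptm", ".dotm", ".xlam"}
# Archives can hide any of the above; hold them for review rather than pass them through.
ARCHIVE_EXT = {".zip", ".rar", ".7z", ".ace", ".arj"}
# "Harmless" extensions an attacker puts in front of the real one: invoice.pdf.exe
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def classify_attachment(filename: str) -> list[str]:
    """Return the reasons an attachment name is suspicious (empty list = no finding)."""
    parts = filename.lower().rsplit(".", 2)  # only the last two extensions matter here
    ext = "." + parts[-1] if len(parts) > 1 else ""
    inner = "." + parts[-2] if len(parts) > 2 else ""
    reasons = []
    if ext in EXECUTABLE_EXT:
        reasons.append(f"executable or script extension {ext}")
    if ext in MACRO_EXT:
        reasons.append(f"macro-enabled Office document {ext}")
    if ext in ARCHIVE_EXT:
        reasons.append(f"archive {ext}; contents not inspected, quarantine for review")
    if inner in DECOY_EXT and ext not in DECOY_EXT:
        reasons.append(f"double extension {inner}{ext} disguising the real file type")
    return reasons


def screen_message(raw: bytes) -> dict:
    """Parse a raw RFC 5322 message and report any attachments that should be held."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    flagged = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed attachment)"
        reasons = classify_attachment(name)
        if reasons:
            flagged[name] = reasons
    return {
        "from": str(msg["From"]),
        "subject": str(msg["Subject"]),
        "flagged": flagged,
        "action": "quarantine" if flagged else "deliver",
    }


def build_sample_message() -> bytes:
    """Constructed phishing-style message: one benign and two suspicious attachments."""
    m = EmailMessage()
    m["From"] = "billing@example-lab.test"          # constructed sender
    m["To"] = "frontdesk@example-allergy.test"      # constructed recipient
    m["Subject"] = "Overdue invoice - action required"
    m.set_content("Please open the attached invoice and remit payment today.")
    m.add_attachment(b"%PDF-1.4 constructed sample", maintype="application",
                     subtype="pdf", filename="statement.pdf")
    m.add_attachment(b"MZ constructed sample", maintype="application",
                     subtype="octet-stream", filename="Invoice_4471.pdf.exe")
    m.add_attachment(b"PK constructed sample", maintype="application",
                     subtype="zip", filename="records.zip")
    return m.as_bytes()


if __name__ == "__main__":
    print(screen_message(build_sample_message()))
```

Name-based screening is a first filter, not a substitute for a mail gateway that inspects content; it catches the common lures while letting ordinary PDFs and images through, and anything it flags goes to quarantine for a person to look at rather than straight to the front desk.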

While nothing is bulletproof, following these tips will help mitigate the threat of a ransomware attack on your practice’s data. Read our tips on cybersecurity.