Three Ways Healthcare Professionals Can Protect Against Ransomware Attacks

To be blunt, the healthcare industry has become a favorite target of ransomware attacks. According to the 2017 Global Threat Intelligence Report (GTIR) published by NTT Security, 77% of all detected, global ransomware cases were in just four industries — and the healthcare industry was unfortunately listed.

If you are a healthcare professional, you have no choice but to deal with this threat. According to a recent US Government interagency report, “more than 4,000 ransomware attacks have occurred daily since January 1, 2016. This is a 300-percent increase over the approximately 1,000 attacks per day seen in 2015.” These attacks are encrypting protected health information (PHI).

Things are even more complicated when you consider how the Department of Health and Human Services (HHS) and the Office for Civil Rights (OCR) view a ransomware attack and the responsibilities of healthcare professionals under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). In a recently published fact sheet on the topic HHS stated that “unless the covered entity or business associate can demonstrate that there is a ‘…low probability that the PHI has been compromised,’ based on the factors set forth in the Breach Notification Rule, a breach of PHI is presumed to have occurred.”

That’s right, HHS presumes a breach of PHI under HIPAA in the event of a ransomware attack. Before panic sets in, you need to know that there are very important and critical steps that every healthcare professional needs to take to secure all PHI and comply with HIPAA requirements.


1. Implement good backup and disaster recovery policies

Imagine if your practice was affected by a ransomware attack. You could lose access to your patient records, financial data including outstanding receivables from various insurance companies, upcoming appointments with patients, and other mission critical data.

Having multiple and redundant backups of this data is critical — not to mention a requirement under the Security Rule for HIPAA covered entities. Even further, you need to constantly verify the integrity of all backup files and test the that they can be restored.


2. Deploy advanced security and antiviral solutions to prevent and catch these attacks early

A layered approach is the most effective method to stopping ransomware before it encrypts your data. A quality firewall installed and configured correctly can tease out ransomware and deter sophisticated attacks. Today’s ransomware can morph its code to pass right under many detection algorithms. A good firewall will utilize advanced network monitoring and analytics to detect and quarantine potential threats.

Installing antiviral software on every networked machine in your office is also extremely important. In addition to looking for recognized definitions, this software will also utilize behavior-based detection methods.


3. Train all Personnel and Medical Staff

Ransomware attackers have adopted advanced techniques to convince everyone at your medical practice to click on a link that opens the door for malware to infect the machine. From phishing attacks to malvertising — where attackers infuse their ransomware into legitimate online advertising and webpages that are often frequented by your office staff — there is a constant threat that somebody accidentally clicks on a bad link.

Security awareness training will help your staff to be safer online and thereby reduce the threat of a ransomware attack. Educating employees about the seriousness of malware and helping them to avoid common pitfalls will lead to a safer network.


What Now?

We would love the chance to discuss your thoughts on the matter and maybe even learn what strategies have worked for you and your team. If there are any questions, put them in the comments below or give us a call and we are happy to help where we can. Stay safe out there!