Health Care IndustryPublications

Ransomware Affecting Healthcare Entities

June 29, 2017Legal Alerts

The latest round of ransomware attacks is here and the Department of Health & Human Services (HHS) has indicated the health care and public health sectors may be adversely affected. In its June 27 alert bulletin, the HHS Office for Civil Rights provided guidance for mitigating the ransomware threat and how to respond if victimized. 

To mitigate risks, educate your system users about common phishing tactics so they are less likely to access malicious attachments and links. Also, employ appropriate technological safeguards, such as the latest security patches, blocking tools and anti‑virus products. 

If you do find yourself victimized by a ransomware attack, suggested steps include: 

        1. Contact the FBI Field Office Cyber Task Force or U.S. Secret Service Electronic 
            Crimes Task Force to report the attack and request assistance. 
        2. Report incidents to US-CERT (US Computer Emergency Readiness Team) and the
            FBI’s Internet Crime Complaint Center. 
        3. If medical devices are affected by the attack, contact the FDA’s emergency line at 
            1-866-300-4374. 
        4. You can also report health care-specific issues to the HHS Cybersecurity and
            Communications Integration Center at [email protected]

If you need assistance relating to a ransomware attack or any incident that could have exposed protected health information, contact your Dinsmore attorney.