Contact Us Today! 1-844-237-4300

Central Technology Solutions Blog

Ransomware Shuts Down Doctors’ Office - Is Your Business Protected?

Ransomware Shuts Down Doctors’ Office - Is Your Business Protected?

Let me ask you a question… let’s say that you’re about one year from your projected retirement, when a ransomware attack encrypts all of your files. What do you do? Pack it in and retire early? This is precisely the situation that the practitioners of Brookside ENT & Hearing Services of Battle Creek, Michigan, have found themselves in - and it may not be over yet.

What Happened to Brookside ENT?

Typical of a ransomware attack, the malware began by deleting and overwriting all of the practice’s data - every medical record, bill, and upcoming appointment. A duplicate of each file was left behind, locked behind a password that the person or persons responsible promised to provide in exchange for a $6,500 wire transfer.

Under the advisement of an “IT guy,” Dr. William Scalf and Michigan state senator Dr. John Bizon didn’t pay the ransom, as they couldn’t be sure that the password would even work, or that the ransomware wouldn’t return in the near future. As their IT resource determined that the attacker hadn’t actually viewed any of the records, this event technically didn’t need to be reported as a breach under the Health Insurance Portability and Accountability Act (HIPAA). Nevertheless, without access to this data, the physicians saw little choice than to retire early.

Well, kind of. As they had no means of knowing who had an appointment scheduled, the physicians had little choice than to wait around the office for a few weeks and see whomever showed up.

Why Throwing in the Towel May Not Be Enough

From a purely academic point of view, it only makes sense that the medical industry would be one targeted by ransomware. Not only do its establishments rely greatly on the data they have stored, there is an urgency to this reliance that cannot be denied. Think about the possible ramifications if a medical practitioner was unable to properly diagnose a patient and recommend treatment because of some unavailable data.

Of course, the strategy that Brookside ENT has adopted to close up shop doesn’t leave its owners off the hook, either. They could still find themselves in plenty of regulatory hot water.

For instance, a ransomware attack (paid or not) could be considered a reportable incident under HIPAA, or even an instigation of a negligence-based legal action. Any patient could invoke HIPAA rules if their data was in digital form and have an investigation started by the Department of Health and Human Services’ Office of Civil Rights, simply by leaving a complaint.

How You Can Protect Your Business from Ransomware

While the best way to keep your business safe is to be able to spot ransomware infection attempts before they successfully fool you into allowing them on your system, statistically, you aren’t going to be able to spot all of them… so what can you do?

One great resource you have available to you is your team. Each uneducated user offers ransomware another way in, but each educated user is another shield to help protect your business.

You should also develop and maintain a comprehensive backup plan to help protect your data from ransomware attacks and other attempts against it. While it would be ideal to not need to use this backup, it would be far less ideal to need one and not have it. Make sure that you keep your backup isolated from the rest of your network as well, so that your backup isn’t also encrypted by a ransomware attack.

At Central Technology Solutions, we have plenty of experience in mitigating the damage that ransomware can cause, as well as in solving various other IT issues. For assistance with any of your business’ IT needs, reach out to us at 1-844-237-4300.

How to Plan Your Data Storage Needs
Taking a Look at a Manufacturer’s IT
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, July 23 2019

Captcha Image

Join our mailing list!

  • Company Name *
  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Productivity Hosted Solutions Email Privacy Malware IT Services Network Security Hackers Internet Data Software Data Backup Productivity Outsourced IT Managed IT Services Computer Business Innovation IT Support Microsoft Mobile Devices Ransomware Data Recovery Hardware Tech Term Cloud Computing Google IT Support Efficiency Backup Business Continuity Small Business Internet of Things Managed Service Provider Upgrade Collaboration User Tips Business Management Communication Smartphone Android Paperless Office Disaster Recovery Remote Monitoring Phishing VoIP Smartphones Encryption Windows 10 Social Media Save Money Windows 10 Artificial Intelligence Windows Data Management Browser Workplace Tips Managed IT Services Managed IT Server Cybersecurity communications Risk Management Mobile Device BYOD Facebook Office 365 Holiday Saving Money Automation Quick Tips Mobile Device Management Passwords App Chrome Applications Vendor Management Laptops Password Bandwidth Government Recovery Document Management Unified Threat Management Analytics Virtualization Employer-Employee Relationship Apps Firewall Wi-Fi Gmail Managed Service BDR Business Technology Compliance Robot Network Bring Your Own Device Going Green IT Management Wireless Microsoft Office Tip of the week Hosted Solution Scam Healthcare Project Management Website Antivirus Infrastructure Help Desk Content Filtering Vulnerability Training Blockchain Information Miscellaneous Money SaaS Big Data File Sharing Data storage Telephone Systems Processor Regulations Tablet Office IT Service Unified Communications Users Files Operating System Printing Computers Downtime Storage Two-factor Authentication Politics Router Remote Computing Settings VPN Work/Life Balance Customer Relationship Management Apple Customer Service Data loss Social Data Security Virtual Reality Computing Company Culture End of Support Health Budget RMM Monitors Spam Bitcoin Information Technology Word Redundancy Alert YouTube Electronic Medical Records WiFi Mouse Private Cloud Outlook Proactive Software as a Service Tech Support The Internet of Things Google Drive How To Samsung Administration Management LiFi Smart Technology Digital Payment Remote Monitoring and Management Education Maintenance Patch Management Chromebook Websites Identity Theft Networking Flexibility Net Neutrality Business Growth IT solutions Licensing Remote Workers Avoiding Downtime Virtual Private Network Mobile Computing Network Management Internet Exlporer Hacker Sports HIPAA Assessment Upgrades IoT Wireless Technology Legal How To Twitter Current Events Server Management Access Control Cooperation Machine Learning Mobility Gadgets Mobile Security Display Windows 7 Employees Consultation Uninterrupted Power Supply Staff Conferencing Address Processors Wireless Internet Break Fix Social Networking Asset Tracking Statistics Professional Services SharePoint Recycling Cyberattacks Digital Obstacle Manufacturing Black Friday Roanoke — Central Technology Solutions Supercomputer Hacks MSP Disaster Resistance Office Tips Security Cameras Unified Threat Management Hotspot Crowdsourcing Meetings Typing Update Transportation Mirgation Tracking Development Zero-Day Threat Superfish Unsupported Software Virus Fraud Screen Reader G Suite History Best Practice Utility Computing Consulting Search Downloads Augmented Reality Taxes Managing Stress Instant Messaging Employer/Employee Relationships Dark Web Motherboard Google Maps OneNote Bluetooth Virtual Assistant eWaste Read Only Spyware Course Social Engineering USB Hard Disk Drives Cyber Monday technology services provider IT Budget Tech Terms Proactive IT Remote Worker User Error Language Shortcut Migration Windows 8 Save Time Cables Backup and Disaster Recovery Mobile Data Projects Smart Tech Cabling Managed Services Provider Operations Identities Enterprise Content Management Finance Firefox Proactive Maintenance Data Warehousing Employee-Employer Relationship Wasting Time Safety Solid State Drives Technology Assurance Group ’s 18 Theft Heating/Cooling IT Consulting Dark Data Personal Information ROI Computing Infrastructure Point of Sale WannaCry Teamwork Technology Tips Chatbots Wires Human Error Time Management Virtual Desktop Return on Investment Cybercrime Google Wallet Cost Management E-Commerce Database Multi-Factor Security Wearable Technology Telephony Hard Drives Google Docs Vulnerabilities Authentication Notifications Database Management Microsoft Excel Modem Sync Connectivity Hacking Enterprise Resource Planning Bookmarks Black Market Options Distributed Denial of Service Annual Convention Public Cloud Humor WPA3 Financial Servers Data Breach Notes Printer Alerts Law Enforcement Features Writing Emoji Shared resources Comparison Identity Botnet Backups Permission Travel Drones Hard Drive Voice over Internet Protocol Google Calendar Solid State Drive Geography Authorization GDPR Cookies Mobile Device Managment Software Tips Deep Learning Disaster Trending Network Congestion Gadget Mobile Favorites Mail Merge 5G Managed IT Service San Diego Automobile Computer Care Fleet Tracking Procurement Technology Laws Computer Repair Marketing PowerPoint Cache Electronic Health Records VoIP Sponsor Retail Cortana Buisness OneDrive Specifications Test Touchscreen Techology Physical Security Alt Codes Legislation IT Technicians GPS Cryptocurrency High-Speed Internet Lenovo 3D Printing Permissions Nanotechnology Star Wars Monitoring CCTV Administrator Relocation Webcam Students Hard Disk Drive IT Consultant Printers Error Emergency Web Server CrashOverride Cameras Regulation Motion Sickness