Contact Us Today! 1-844-237-4300

Central Technology Solutions Blog

Ransomware Shuts Down Doctors’ Office - Is Your Business Protected?

Ransomware Shuts Down Doctors’ Office - Is Your Business Protected?

Let me ask you a question… let’s say that you’re about one year from your projected retirement, when a ransomware attack encrypts all of your files. What do you do? Pack it in and retire early? This is precisely the situation that the practitioners of Brookside ENT & Hearing Services of Battle Creek, Michigan, have found themselves in - and it may not be over yet.

What Happened to Brookside ENT?

Typical of a ransomware attack, the malware began by deleting and overwriting all of the practice’s data - every medical record, bill, and upcoming appointment. A duplicate of each file was left behind, locked behind a password that the person or persons responsible promised to provide in exchange for a $6,500 wire transfer.

Under the advisement of an “IT guy,” Dr. William Scalf and Michigan state senator Dr. John Bizon didn’t pay the ransom, as they couldn’t be sure that the password would even work, or that the ransomware wouldn’t return in the near future. As their IT resource determined that the attacker hadn’t actually viewed any of the records, this event technically didn’t need to be reported as a breach under the Health Insurance Portability and Accountability Act (HIPAA). Nevertheless, without access to this data, the physicians saw little choice than to retire early.

Well, kind of. As they had no means of knowing who had an appointment scheduled, the physicians had little choice than to wait around the office for a few weeks and see whomever showed up.

Why Throwing in the Towel May Not Be Enough

From a purely academic point of view, it only makes sense that the medical industry would be one targeted by ransomware. Not only do its establishments rely greatly on the data they have stored, there is an urgency to this reliance that cannot be denied. Think about the possible ramifications if a medical practitioner was unable to properly diagnose a patient and recommend treatment because of some unavailable data.

Of course, the strategy that Brookside ENT has adopted to close up shop doesn’t leave its owners off the hook, either. They could still find themselves in plenty of regulatory hot water.

For instance, a ransomware attack (paid or not) could be considered a reportable incident under HIPAA, or even an instigation of a negligence-based legal action. Any patient could invoke HIPAA rules if their data was in digital form and have an investigation started by the Department of Health and Human Services’ Office of Civil Rights, simply by leaving a complaint.

How You Can Protect Your Business from Ransomware

While the best way to keep your business safe is to be able to spot ransomware infection attempts before they successfully fool you into allowing them on your system, statistically, you aren’t going to be able to spot all of them… so what can you do?

One great resource you have available to you is your team. Each uneducated user offers ransomware another way in, but each educated user is another shield to help protect your business.

You should also develop and maintain a comprehensive backup plan to help protect your data from ransomware attacks and other attempts against it. While it would be ideal to not need to use this backup, it would be far less ideal to need one and not have it. Make sure that you keep your backup isolated from the rest of your network as well, so that your backup isn’t also encrypted by a ransomware attack.

At Central Technology Solutions, we have plenty of experience in mitigating the damage that ransomware can cause, as well as in solving various other IT issues. For assistance with any of your business’ IT needs, reach out to us at 1-844-237-4300.

How to Plan Your Data Storage Needs
Taking a Look at a Manufacturer’s IT


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, June 06 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to

Join our mailing list!

  • Company Name *
  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Productivity Cloud Data Privacy Hosted Solutions Network Security IT Services Data Backup Email Malware Internet Hackers Software Efficiency IT Support Outsourced IT Innovation Microsoft Business Data Recovery Mobile Devices Productivity Computer Managed IT Services Hardware Google Upgrade Business Continuity IT Support Small Business Cloud Computing Ransomware Cybersecurity Backup Collaboration User Tips Tech Term Communication Phishing Managed IT Services Windows 10 Managed Service Provider Disaster Recovery Business Management Workplace Tips Internet of Things VoIP Smartphones Android Smartphone Data Management Paperless Office Remote Monitoring Social Media Mobile Device communications Managed Service Facebook Managed IT Encryption Network Browser Server Save Money Quick Tips Office 365 Windows 10 Artificial Intelligence Windows Virtualization Saving Money BDR Miscellaneous BYOD Help Desk Wi-Fi Risk Management Passwords Holiday Business Technology App Automation Vendor Management Password Mobile Device Management Apps Compliance Healthcare Health Government Windows 7 Document Management Laptops Microsoft Office Big Data Bring Your Own Device Recovery Users Chrome Going Green Remote Work Training Bandwidth Avoiding Downtime Applications Analytics Employer-Employee Relationship Robot Gmail Firewall Unified Threat Management Computers Storage Money Data storage Computing Information Blockchain IT Management Redundancy Wireless Mobility Hosted Solution Tip of the week Scam Website File Sharing Project Management Antivirus Telephone Systems SaaS Content Filtering Infrastructure Processor Two-factor Authentication Apple Data Security Office Data loss Vulnerability Politics Gadgets Work/Life Balance IoT Unified Communications Access Control Budget Flexibility Information Technology Operating System Company Culture Printing Downtime Machine Learning Customer Service RMM Tablet Remote Computing Virtual Reality VPN Meetings Proactive Settings Files Customer Relationship Management Software as a Service OneDrive Virtual Private Network Router Regulations Maintenance Social IT Service Net Neutrality Solid State Drive Assessment Monitors Remote Workers How To Digital Payment Current Events Electronic Medical Records Server Management Wireless Technology Legal Alert Hard Drive Websites Identity Theft Internet Exlporer Consultation Licensing Remote Worker Uninterrupted Power Supply Samsung HIPAA How To Electronic Health Records Cooperation Spam Mobile Security Bitcoin WiFi Employees Chromebook YouTube Word Search Monitoring Social Network Recycling Outlook Covid-19 Mouse Utility Computing Consulting Administration File Management Google Drive Upgrades Education LiFi Augmented Reality Payment Cards Dark Web Twitter Managed Services Provider IT solutions Time Management Networking Business Growth Mobile Office Patch Management The Internet of Things Display Co-Managed IT Employee-Employer Relationship Private Cloud Management Mobile Computing End of Support Remote Monitoring and Management Sports Network Management Professional Services Managed Services Smart Technology Hacker Tech Support Unsupported Software Virus Marketing Security Cameras User Management Vulnerabilities Authentication Technology Tips Chatbots Deep Learning Update Disaster Trending Manufacturing Optimization Connectivity Mail Merge Biometric Enterprise Resource Planning Bookmarks Multi-Factor Security Wearable Technology Buisness Technology Laws Point of Sale Transportation Mobile VoIP WPA3 Financial Microsoft Excel Modem Employer/Employee Relationships IT Assessment Features Printer Alerts Touchscreen Techology Cybercrime Virtual Assistant Vendor Permission Distributed Denial of Service Annual Convention Alt Codes Laptop Social Engineering USB VoIP Sponsor Cryptocurrency Mobile Data Lenovo Sync Batteries Geography Authorization Comparison Identity Telephony Hard Disk Drives Virtual Machines Address Public Cloud Projects Gamification Mobile Favorites Google Calendar Statistics Law Enforcement Cyber security Fleet Tracking Procurement Cookies Botnet Proactive Maintenance Digitize Cache Hacks Dark Data Personal Information Disaster Resistance Travel Wasting Time Smart Devices Test Managed IT Service San Diego Typing Remote Working Safety Digital Obstacle Superfish Mobile Device Managment Software Tips ROI High-Speed Internet Specifications Best Practice Solid State Drives Credit Cards Star Wars Notifications Automobile Computer Care Return on Investment Conferencing Legislation IT Technicians Bluetooth Gadget Teamwork Asset Tracking Permissions Nanotechnology Course Database Management Shadow IT Cyberattacks SharePoint Staff Proactive IT Database Sensors MSP Break Fix Social Networking Black Market Spyware Unified Threat Management Hotspot Windows 8 Save Time Notes Development Zero-Day Threat Black Friday Roanoke — Central Technology Solutions Writing Emoji Shortcut GPS Options Holidays Screen Reader Identities Firefox Active Directory Managing Stress Instant Messaging Mirgation Network Congestion Shared resources Windows Server 2008 OneNote Fraud Supercomputer GDPR Outsourcing eWaste Read Only Downloads Computer Repair Heating/Cooling Crowdsourcing IT Consulting Voice over Internet Protocol Tech Terms Motherboard Virtual Desktop IT User Error Language Physical Security G Suite History PowerPoint Value of Managed Services Cables Backup and Disaster Recovery Cyber Monday technology services provider Google Wallet Retail Cortana WannaCry Tracking 5G Smart Tech Hard Drives Google Docs 3D Printing Google Maps Windows Server Enterprise Content Management Finance Migration Hacking Taxes IT Budget Video Conferencing Operations Humor Servers Data Breach Telephone Theft Data Warehousing Processors Wireless Internet Business Telephone Cost Management E-Commerce Computing Infrastructure Office Tips Backups Cabling Wires Human Error Technology Assurance Group ’s 18 Outsource IT Drones IT Consultant Error Web Server Students Regulation Cameras Motion Sickness Hard Disk Drive Administrator CCTV Relocation Peripheral Emergency CrashOverride Printers Webcam