Ransomware is prevalent in the healthcare industry because electronic protected health information (ePHI) is critical to the provision of patient care, and the criminals who use ransomware know that institutions are usually willing to pay to regain access to that information.
There are, however, several steps that healthcare providers can take to reduce the chances that their ePHI access will be blocked by ransomware, and to mitigate at least some of the damage should it occur. These steps include:
• Review the security of your ePHI and the software used to access ePHI before allowing it to enter your business’s environment. Vendor contracts often contain some form of security assurances.
• Develop plans for dealing with various kinds of cyberevents, including one for a potential ransomware attack.
• Train your employees to be suspicious of everything online, including any emails that are not immediately recognizable (teach them to recognize phishing), and tell them not to download anything from unapproved sources.
• Back up ePHI and other data on a regular basis. Ideally, backups should be performed offline so that your backup data doesn’t become compromised by ransomware. If it becomes necessary to rely on backup data, you should always verify the integrity of that data before accessing it.
• Use access controls. Ensure that administrative rights are available only to designated users.
Contact us today to learn how Capital Business Systems can help keep your business and your data safe.