Ransomware Attacks Increase 195% in Q1 2019
Ransomware attacks continue to be the cause of major data breaches. Healthcare, in particular, is at a heightened risk. A report was recently released detailing the impact of ransomware attacks, which found a dramatic 195% increase in attacks in the first quarter of 2019 compared to the fourth quarter of 2018.
Ransomware is a type of malware that infects a users’ computer and encrypts files. The hackers then demand a ransom in order for users to regain access to their data.
The findings of the report were based on data collected across the first quarter of 2019 between January 1 and March 31. In addition to the 195% increase since Q4 2018, the report uncovered that the prevalence of ransomware attacks jumped by over 500% when compared to the first quarter of 2018.
With this alarming rise in the prevalence of ransomware, it’s never been more important for health care providers to address their risks.
Healthcare Ransomware Prevention
Healthcare continues to be disproportionately targeted for ransomware attacks. That’s because health care data is worth three times as much as financial data alone on the dark web.
Telehealth providers are a heightened risk of cybersecurity incidents in general because of the digital nature of their business. With so much digital healthcare data being maintained and transferred between patients and providers, telehealth providers must take precautions to keep that data safe.
HIPAA regulation sets specific security standards that all healthcare providers must have in place to protect sensitive data. By becoming HIPAA compliant, telehealth providers can implement an effective means of protecting against healthcare ransomware incidents and devastating data breaches. With an effective HIPAA compliance program, telehealth providers will be able to address:
- HIPAA training: Effective HIPAA training will educate staff members about how to avoid falling victim to cybersecurity attacks such as phishing scams and ransomware.
- Security policies and procedures: By having effective policies and procedures in place, you can ensure that you have properly documented your compliance. In the event of a data breach or healthcare ransomware incident, this will be invaluable for avoiding HIPAA fines.
- HIPAA encryption and data backup: HIPAA regulation sets specific standards for encrypting data. Implementing full-disc encryption with offsite data backup will protect your business in the event of a ransomware attack.
If you need assistance with HIPAA compliance, consider working with our TBHI affiliate, the HIPAA Compliancy Group. (When you purchase services from them, TBHI will be paid a small commission.) They can help you support your HIPAA compliance with The Guard®. The Guard is a web-based HIPAA compliance solution, built by former auditors to help simplify compliance. The Guard is built to address the HIPAA regulations, including guided walkthroughs of HIPAA Risk Assessments. With The Guard, you can focus on running your practice while keeping your patients’ data protected and secure. Compliancy Group’s team of expert Compliance Coaches® can also field questions and guide you through the implementation process, taking the stress out of managing compliance. Find out more about how Compliancy Group and the HIPAA Seal of Compliance® can help simplify your HIPAA compliance today!
Ransomware hackers attack smaller healthcare practices daily, creating serious data breaches and HIPAA violations. Are you and your clients/patients vulnerable, too?
Managing social media use and HIPAA compliance can lead to some of the most common misunderstandings faced by healthcare providers. Improperly trained employees can expose your organization to HIPAA violations and costly fines!
Disclaimer: The views and opinions expressed in the article and on this blog post are those of the authors. These do not necessarily reflect the views, opinions, and position of the Telebehavioral Health Institute (TBHI). Any content written by the authors are their opinion and are not intended to malign any organization, company or individuals.