Imagine having to alert 6,000 patients that their PHI may have been breached, you can no longer care for them, and your career as a private medical practice is ending. Just ask Wood Ranch Medical, a medical group practice in Simi Valley, California. In August, 2019 they became a victim of a ransomware attack–all of their servers and backup hard drives were infected. The company believes the hackers were only interested in ransom money and their patient records were likely not accessed,but will monitor all their patient’s records and have setup a call center to answer any patient questions. Talk about a bad day at the office.
How would you deal with the stress of knowing that patient’s personal data and medical information may be compromised and having to deal with the pain of leaving your dedicated staff unemployed? The extent of the damage to Wood Ranch Medical’s computer system made it impossible for them to recover their data. As a result, they will close their practice on December 17, 2019.
If You Think You’re Safe From Ransomware, Think Again
A recent American Medical Association survey revealed that 83% of physicians have experienced a cyberattack. An attacker does not need much to hack a practice—a single vulnerability is all it takes… And the consequences of having anything less than ironclad protection are rising.
The average downtime of a ransomware attack has jumped to ten days and will cost $133,000 in recovery! (Sophos, 2018) The impact includes ransomware monetary demands, downtime, manpower, device and network costs, lost income and opportunities, and productivity impacts. Recently, a PCIHIPAA client became the victim of a ransomware attack. They believed their IT provider had them protected with their data backup solution, but the data was lost. Once the data breach was reported to us, our Incident response team contacted the doctor and assisted them every step of the way. During the investigation attorneys were retained, forensic data scientists analyzed the network, and the ransom was negotiated. When the office recovered the total bill came out to $199,484.
It is important to know that cybercriminals are striking twice as often in 2019 as they did last year. Smart healthcare providers are asking themselves: How can I make sure my practice isn’t the next victim of a crippling ransomware attack? PCIHIPAA helps practices keep their data safe, compliant, and financially protected.
Four Ways OfficeSafe™ Protects Your Practice
Security is not a quick fix. It is a process that requires expertise, robust technology, and diligence. At PCIHIPAA, our software solution—OfficeSafe™—makes this process efficient and easy. Here’s how:
- Encrypted Cloud Based Data Backup: OfficeSafe™ alleviates the fear of a ransomware attack by providing your practice with a data backup solution that is HIPAA compliant with 256-bit encryption and SQL database restoration. Our centralized management portal was created for medical providers and goes beyond file-and-folder backups, delivering a secure hybrid local and cloud solution. With OfficeSafe™, your practice will have ten days of data backup so that you can easily find a clean data backup set. Multiple backup sets ensure that you won’t to have to pay your hackers in the event of a ransomware attack even if you do not catch the attack immediately.
- Financial Protection: In the event of a ransomware attack or a HIPAA violation, OfficeSafe™ enables your practice to continue doing business by offering a $500,000 data breach and network security insurance policy. The payout can cover HIPAA fines , attorney costs, forensic data scientists, and even lost wages due to a data breach or closure.
- Incident Response Team: OfficeSafe™ is your incident response team! Once you report a data breach to our team, our data breach experts will be by your side throughout the entire processes guiding you through each step.
- Expert Support: By partnering with PCIHIPAA, you’ll have an expert at your side ensuring that you have the best protection possible. The dark forces on the internet are always evolving and finding new ways to hack into computers. Your patients’ medical and billing records contain extremely valuable data, and cybercriminals know you need them in order to do business.
In recognition of National Cybersecurity Awareness Month, PCIHIPAA is offering a FREE HIPAA risk assessment. The greatest disasters in life are often a result of complacency. It took years of hard work to build your practice—don’t let a ransomware attack disrupt your business and ruin your reputation.