Fight Ransomware
Designed Exclusively for Medical and Dental Offices

OfficeSafe - HIPPA Compliance

We Guarantee You Will Not Pay a Ransom.

Ransomware is Real

Statistics show that a business is hit every 40 seconds by a criminal attack. Your data is under attack by cyber criminals and if you’re not taking the proper precautions your practice, your patient’s information, and your reputation is at risk.

If you are the victim of Ransomware

If your organization is the victim of a ransomware attack, please contact law enforcement immediately. We recommend organizations contact their FBI Field Office Cyber Task Force immediately to report a ransomware event and request assistance. These professionals work with state and local law enforcement and other federal and international partners to pursue cyber criminals globally and to assist victims of cyber – crime. Victims are also encouraged to report cyber incidents to the US-CERT and FBI’s Internet Crime Complaint Center.

Contacting the FBI does not mean the practice is required to notify their patients.  This is just smart to notify law enforcement.

Wannacry Talos – Healthcare Ransomware Attack
Wannacry-talos - Healthcare Ransomware Attack

WannaCry Ransomware Sample Screen

Upatre Malware - Healthcare Ransomware

UPATRE Malware Sample Email

Emotet Healthcare Malware Ransomware

Emotet Malware Sample Word Document Screen

Cerber Malware - Healthcare Ransomware

Cerber Ransomware Sample Screen

Wannacry Talos – Healthcare Ransomware AttackUpatre MalwareEmotet MalwareCerber Malware

58% of all Ransomware attacks in
2017 targeted the Healthcare Industry

Via Cylance 2017 Threat Report

What You Need To Know
About Ransomware


10 Easy Steps to Avoid Ransomware

1) Don’t Click, Download, or Open Emails From Unknown Sources

Email is the #1 way ransomware spreads into your network. Watch out for files attached to emails particularly those with an .exe extension.

email inbox - healthcare ransomware
Healthcare Encrypted Cloud Backup

2) Use an Encrypted Cloud Data Backup Service

Encryption makes it difficult, if not impossible, for a hacker to decrypt your sensitive information. Also, if you can prove your data was encrypted, a ransomware attack does not have to be reported to your patients or The Department of Health and Human Services. Encrypted your data is critical.

3) Store Multiple sets of Backups

Keeping only one data backup set is not enough. Keep multiple days to prevent rewriting a clean backup set with a dirty one. Multiple backups also allow you to easily restore your data with the most update to date version in the case of a ransomware attack.

Healthcare Encrypted Cloud Data Backup
healthcare cyber-security- data compliant

4) Automatically Update Operating Systems, Firewalls, and Anti-Virus Software

Malicious software is created every day. Make sure your network is continuously updated with the latest security patches

5) Turn Off Your Computers At Night

When you leave your computers on they are connected to the internet and ripe for intrusion.

Healthcare Server - HIPPA Compliance - Avoid Ransomware
Defeat Ransomware - Encrypted Wifi

6) Keep Your Wireless Network Secure

If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted, and hidden.

7) Change Passwords

Make sure your team is not using easily recognized passwords like “Password123” or “Practice Name+Address”.
Hackers know the most common passwords. Update them every 6 months and don’t allow your employees to share logins and passwords.

Ransomware - Most Common Passwords
HIPPA Cyber Insurance - PCIHIPAA - Healthcare Cyber data insurance

8) Obtain Cyber Insurance

You can take every precaution, but there are no guarantees. Having insurance as a backstop should be a key component of your data security plan.

9) Be Proactive

Don’t wait until a ransomware attack happens. Be proactive and have a plan in place so everyone knows what to do. If you do ever experience an attack, immediate turn off all computers and backup procedures.

Certified HIPPA Compliance
HIPPA Compliance - Employee Training

10) Engage Your Employees

Be present in the training meeting. Teach your employees to be the eyes and ears of your practice and to help spot suspicious emails and behaviors that can damage your practice and your reputation.

SEE WHAT OUR CLIENTS HAVE TO SAY:

After taking the free online HIPAA Risk Assessment offered by AAOMS, I realized our practice could use help with our information security needs. Our practice signed up with OfficeSafe by PCIHIPAA through AAOMS in August 2016. The staff is so helpful and friendly and I finally feel that our practice is on the right path toward being compliant. OfficeSafe has put together binders along with the online portal to help guide us to our way of compliance. All of the policies are prepared in addition to any forms we may need. Using the online videos for our employee meeting made the employees feel well informed. The stress of not having to worry if we are compliant is so worth it. I highly recommend the PCIHIPAA program to help with your office HIPAA and security obstacles.

Oral Surgery & Implant Specialists
Dakota Dunes, South Dakota