Recorded: October 18, 2017
CEU: 1.0 – Privacy and Security
Healthcare has experienced an increase in cyber-attacks: hacking, phishing, ransomware and other malicious software. Experts anticipate that cyber-attacks will continue to specifically target the healthcare industry.
Phishing is the most common way ransomware is delivered. More than 20% of email recipients open phishing emails and approximately 12% click on an attachment or embedded link. Unfortunately, just one computer user clicking on one link within an email or while visiting a website can lead to a catastrophic compromise of the hospital’s data or infrastructure.
The danger posed by cyber-attacks has also become a patient safety issue. The ‘WannaCry’ and ‘Petya’ ransomware attacks affected many healthcare organizations, including wreaking havoc for the National Health Service in the United Kingdom.
If a healthcare organization does experience ransomware, it must also determine if there is a reportable breach.
- Provide an overview of the evolving cybersecurity landscape: Threats, threat agents, malicious code, etc.
- Explain phishing and ransomware
- Describe the process for properly investigating, containing, and recovering from an incident
- Discuss the challenges of treating ransomware as a breach unless the organization can prove differently, per the Office for Civil Rights (OCR)
- Discuss tips for preventing ransomware