Ransomware

IoT Devices Top a Long List of 2017 Security Threats

By D’Arcy Gue – It’s worth remembering that 2016 was dubbed the “year of data security” after 90 percent of healthcare providers suffered data breaches in the previous two years. In particular, the Anthem breach of late 2014/early 2015 got everyone’s attention for the sheer magnitude (around 80 million records) of the hack.




New HIPAA Guidance on Ransomware Attacks and ePHI Security

By Bob Grant – HHS Office for Civil Rights has released new guidance about how HIPAA-beholden entities can better equip themselves to deal with ransomware attacks. Ransomware is a targeted kind of malware attack that takes data ‘hostage.’ The attackers responsible then give the organization a countdown to a time at which they expect to receive a ‘ransom’ in exchange for restored access to the withheld data.


HIPAA and Ransomware: OCR Guidance

By Matt Fisher – After promising to provide guidance and insight for a breaking issue, the OCR came out with ransomware guidance under HIPAA. One major issue for debate was whether a ransomware attack constitutes a HIPAA breach. The guidance provides insight into where OCR is coming from and what it expects the industry to do in response to a ransomware attack.



HITRUST Pilot and Combating Ransomware

The Health Information Trust Alliance (HITRUST), the leading organization supporting the healthcare industry in advancing the state of information protection, has released findings from an industry pilot to evaluate methods to improve the collection and sharing of cyber threat Indicators of Compromise (IOCs) and enable their effective consumption by a broad range of organizations.