HHS' OCR to develop guide on preparing for, responding to ransomware
The Office for Civil Rights at HHS is developing guidance for healthcare organizations to help them better prepare for ransomware attacks, reports Bloomberg BNA.
Deven McGraw, deputy director for health information privacy at HHS' OCR, told Bloomberg BNA the guidance will clarify when a ransomware attack is considered a data breach, a currently murky designation, as ransomware generally just encrypts and prevents access to data instead of extracting the data.
So far, healthcare organizations have not reported ransomware events as breaches, according to the report. However, Ms. McGraw told Bloomberg BNA ransomware events will likely be considered breaches because healthcare organizations still lose control of their data in these events.
More articles on ransomware:
© Copyright ASC COMMUNICATIONS 2017. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.