10 Steps to take when (not if) you're hit with a ransomware attack

Ransomware. It's become an almost weekly headline in the healthcare industry. Hospitals in California, Washington, D.C., Texas, and other areas of the country have found themselves at the mercy of hackers who are able to completely paralyze the IT infrastructure. What's at stake?

Patient care, Protected Health Information (PHI) of countless patients and the reputation of the hospital. Phishing seems to be the main mode of attack, meaning that the opening of a single seemingly harmless email could put a healthcare organization on the hook for thousands, maybe millions of dollars if they don't comply with the hacker's demands. That cost doesn't even include the possibility of severe HIPAA fines if any PHI is compromised.

Taking Action Against Ransomware
As a health IT professional, what can you do if faced with a ransomware attack? Swift and immediate action must be taken as time is of the essence. Below are several steps that your team can take to limit the amount of damage caused by ransomware:

1. Turn off Internet access through Firewall including VPN access.

2. Disconnect the email server, then find and remove all ransomware emails.

3. Lock all User Accounts on Active Directory so that users can no longer access the computers to block spreading of ransomware.

4. Expire all Passwords (most importantly the IT Admin Passwords).

5. Use Cloud-based Secure Texting service on Personal Smartphones to carry on care coordination. Use Texting, Images, Audio and Video to start collaborating on patient care to reduce errors in the absence of access to EMR.

6. Clinicians should create secure texting conversation threads around patient names to capture documentation that can be included back in the EMR after the crisis.

7. Reimage computers infected by Ransomware.

8. Turn on Active Directory and allow access to EMR internally.

9. Turn on Internet access through Firewall and Email Server. Monitor Emails.

10. Now Sync all patient centric conversations from the Secure Texting service with EMR.

While containing and eradicating the ransomware, use the broadcasting feature of your secure texting service to keep everyone in the loop. Since Cloud-Based Secure Texting is not dependant on your internal IT network, it will be unaffected during a Ransomware attack or even a natural disaster. It provides reliable communication even in difficult situations

About QliqSOFT:

QliqSOFT is the developer of Qliq, a secure, HIPAA and HITECH-compliant healthcare communication platform that connects doctors, nurses, and other medical professionals as well as their staff. For more information about Qliq and its features, please visit www.qliqsoft.com.

The views, opinions and positions expressed within these guest posts are those of the author alone and do not represent those of Becker's Hospital Review/Becker's Healthcare. The accuracy, completeness and validity of any statements made within this article are not guaranteed. We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with them.​

© Copyright ASC COMMUNICATIONS 2018. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months