HHS' OCR to develop guide on preparing for, responding to ransomware

The Office for Civil Rights at HHS is developing guidance for healthcare organizations to help them better prepare for ransomware attacks, reports Bloomberg BNA.

Deven McGraw, deputy director for health information privacy at HHS' OCR, told Bloomberg BNA the guidance will clarify when a ransomware attack is considered a data breach, a currently murky designation, as ransomware generally just encrypts and prevents access to data instead of extracting the data.

So far, healthcare organizations have not reported ransomware events as breaches, according to the report. However, Ms. McGraw told Bloomberg BNA ransomware events will likely be considered breaches because healthcare organizations still lose control of their data in these events.

More articles on ransomware:

House of Representatives targeted in ransomware attempts 
First known ransomware attack in 1989 also targeted healthcare 
FBI: Hospitals must take ransomware threat seriously 

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars