Experts say that Ransomware is on the rise and there is discussions going on about whether Ransomware like data breaches must be reported to the government when medical information is on your PCs or Servers (this may include employee information as well).

It’s important to remember that just because you have been hit once, does not mean you won’t be hit again multiple times with different variants.

The United States Department of Health and Human Services Office for Civil Rights (OCR) has put out some guidance about ransomware.

• Prove low probability that ePHI has been compromised and a ransomware attack may not be considered a reportable breach.
• Employ a contingency plan involving disaster recovery, emergency preparedness, continuous backups, and testing.
• Develop and implement security incident response and reporting processes.
• Determine the ransomware variant and whether the data was exfiltrated.
• Maintain backups offline and conduct periodic test restorations.
• Train authorized users on best practices for detecting and responding to ransomware.
• Implement endpoint validation to ensure that ransomware did not execute other malware to infiltrate additional network nodes or endpoints.
• Recover from ransomware attack by restoring data lost during the attack.