HHS Preparing Ransomware Guidance for Health Care Organizations
May 26, 2016 09:09 AM
The U.S. Department of Health and Human Services Office for Civil Rights recently announced that it is working on guidance for future release to help health care providers prepare for and prevent ransomware attacks. The remarks were made by Deven McGraw, deputy director for health information privacy, during a recent cybersecurity panel.
According to a subsequent interview with Bloomberg BNA, Ms. McGraw said that the guidance will provide clarification with regards to when a ransomware attack is considered a “breach” so that health care organizations know when to report the incident and notify patients.
Health care organizations are among those facing an increasing threat of ransomware attacks, in which criminals encrypt or block access to important files and demand a ransom to release them.
As NAHC Report previously reported, the Federal Bureau of Investigation (FBI) has already released guidance for organizations and their employees to protect against such attacks.