That was the message companies around the globe found plastered across their computer screens during the WannaCry ransomware attack in May. Though the methods used were unsophisticated, the attack was a large-scale event that affected millions of computers worldwide. This is sobering news for leaders worried about cyber risk.
Hospitals and health systems face unique liability because of medical records. Notably, Britain’s NHS public health system was hit hard by WannaCry, but its patient data does not appear to have been affected. Other health systems may not be as fortunate. Medical records are highly valuable on the black market and are common targets in cyber attacks. As technology, telehealth, and the Internet of Things become more engrained into healthcare, it is vital that cyber security be sufficiently addressed in risk management plans within the industry.
After speaking with a CARF-accredited provider that recently faced a similar attack, we share the following tips.
- Get cyber security insurance. It’s worth it and will connect you with specialty law and consulting firms if needed.
- Back up your systems. This helps IT get things running again.
- Audit and remove nonessential accounts and system access points.
- Strengthen password requirements (length, periodic changes, etc.).
- Consider hiring a third-party consultant to guide a systems review.
- Invest enough resources (funding and attention) for a strong IT department.
- Don’t take it personally. Cyber attacks are often random and untraceable.
Image Courtesy of Pixabay