HIPAA Journal posted an article about a New Jersey Spine Center that suffered a ransomware attack, which resulted in their Electronic Health Records (EHR) getting encrypted, among other things. As you read the article, I want you to think about 4 things besides the obvious antivirus question:

  1. Is your staff properly trained to identify malicious emails and what to do if they receive one?
  2. Are your Breach and Disaster Recovery Plans up to date and tested?
  3. Do you have local and offsite cloud backups?
  4. Do you have event logging enabled to capture recent network activity?

 

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.