Latest News

Docs refused to pay the cyber attack ransom – and suffered


 

Fines for lax privacy/security

Breaches of patient records have consequences that include being investigated by federal or state authorities for potential HIPAA privacy and security violations and fines. Recently, the HHS announced a $1.5 million settlement – the largest to date – with Athens Orthopedic Clinic, PA, in Georgia, for not complying with the HIPAA rules.

When breaches of 500 or more patient records occur, medical groups are required to notify the HHS Office of Civil Rights (OCR) within 60 days, as well as all the affected patients and the media. Some organizations offer free credit monitoring and identity theft protection services to their patients.

Information about the breaches, including company names and the number of affected individuals, is posted publicly on what cyber experts often call “OCR’s wall of shame.”

Strengthen your defenses

The FBI and the HHS warned health care professionals and organizations in 2020 about the threat of increasing cyber attacks and urged them to take precautions to protect their networks.

Here are five actions you can take:

  • Back-up your files to the cloud or off-site services and test that the restoration works.
  • Implement user training with simulated phishing attacks so the staff will recognize suspicious emails and avoid actions that could launch malware attacks.
  • Ensure strong password controls and that systems are regularly patched.
  • Require multifactor authentication for remote access to IT networks.
  • Set anti-virus/anti-malware programs to conduct regular scans of IT network assets using up-to-date signatures.

A version of this article first appeared on Medscape.com.

Pages

Recommended Reading

Is it OK to just be satisfied?
MDedge Family Medicine
Fixing the maternal health problem in the U.S.: Signs of hope?
MDedge Family Medicine
More Americans skipping medical care because of cost, survey says
MDedge Family Medicine
Mistake: Doc does vasectomy instead of circumcision; patient sues; more
MDedge Family Medicine
Medicare insulin negotiations seen saving $17 billion
MDedge Family Medicine
Califf plans work on opioids, accelerated approvals on return to FDA
MDedge Family Medicine
Pill mill psychiatrist gets prison; must forfeit cash, luxury cars
MDedge Family Medicine
FDA agrees that mifepristone is safe enough to dispense by mail
MDedge Family Medicine
CVS, Walmart plan bigger in-store clinics: Will primary care practices suffer?
MDedge Family Medicine
Medicaid implements waivers for some clinical trial coverage
MDedge Family Medicine