Home / Technology / HHS Issues Guide to Protect Electronic Health Info from Ransomware

HHS Issues Guide to Protect Electronic Health Info from Ransomware

health infosecThe Department of Health and Human Services has released new guidance to help healthcare organizations protect electronic health information systems from ransomware attacks.

HHS’ civil rights office developed the guidance to identify electronically-protected health information threats, mitigate the identified risks, implement security procedures, train users to detect malware, control ePHI access and maintain a disaster recovery plan, the HHS said July 11.

The guidance is part of efforts to help healthcare organizations comply with the requirements of the Health Insurance Portability and Accountability Act.

Other topics introduced by the guidance cover potential ways to understand and detect ransomware, implement security responses and mitigate impacts of ransomware.

HHS noted that ransomware works to encrypt data and demand ransom payment in the form of a cryptocurrency from the victim user in exchange for the decryption key.

“HIPAA covered entities and business associates are required to develop and implement security incident procedures and response and reporting processes that are reasonable and appropriate to respond to malware and other security incidents,” HHS said.

Check Also

DOE Funding Emerging Quantum Science Research Efforts

The Department of Energy intends to award $45M in funding for chemical and materials research supporting the emerging quantum information science domain, DOE said Wednesday. The department expects the multidisciplinary QIS field to spearhead efforts involving information processing, next-generation computing, sensing applications and related innovative technology.

Leave a Reply

Your email address will not be published. Required fields are marked *