Blog | 24By7Security

Why Doctors and Hospitals Need an Incident Response Plan

Written by Rema Deo | July 28, 2016


You’ve been breached. Now what? Perhaps valuable patient data has been stolen. Maybe hackers are demanding a ransom in exchange for your own data, which is now under their control. Hackers work 24x7 planning breaches and attacks to get at your valuable patient health information, and they have a high rate of success. The breach or the attack itself is not the biggest problem; being unprepared for it is!

An incident response plan is a step-by-step guide that lets you act quickly if you are affected by a breach, ransomware, or any other security incident.

There is a range of attacks that can be carried out against a facility, so the first step in creating an incident response plan is to identify them all. If an attack has taken place, you first need to detect it and determine what has happened. The next step is to contain the problem and take corrective action, which may differ depending on the circumstances. There may also be legal repercussions, communications to patients and government entities (State Attorneys General, the Office for Civil Rights), data recovery, and much more to be done.

Recently, multiple hospitals have been in the news as victims of ransomware attacks in which their computer systems and/or data were locked down and would only be returned if a ransom was paid. Patients and treatments were impacted, and the hospitals practically came to a standstill, losing revenue and damaging their reputations. In more than one case, ransoms were paid to return to normalcy. If clear, current incident response plans had been in place, these incidents could have been handled with different outcomes.

The underground black market has become a thriving scene for private health data. Medical records fetch the highest price, making hospitals and medical facilities a prime target for cyber-attacks and putting them at risk of intrusions. HIPAA compliance requirements for the healthcare industry have become quite stringent. Considering that, more often than not, your patients’ data and lives may be adversely impacted by these attacks, can you afford not to have an incident response plan for your facility?