This afternoon a worldwide ransomware attack was discovered that affects hospitals and healthcare information systems. (It also attacked financial organizations, telecommunications and others.) Quoting Laura Wolf, Critical Infrastructure Protection Lead from the U.S. Department of Health and Human Services,

“HHS is aware of a significant cyber security issue in the UK and other international locations affecting hospitals and healthcare information systems. We are also aware that there is evidence of this attack occurring inside the United States. We are working with our partners across government and in the private sector to develop a better understanding of the threat and to provide additional information on measures to protect your systems. We advise that you continue to exercise cyber security best practices – particularly with respect to email.”

Others recommend checking immediately to ensure that all systems are fully patched with the “MS17-010” security update (link below) and remind all staff to “Think Before You Click” when they receive any out of the ordinary emails.  https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

If you have questions, contact us at info@hipaaetool.com, and stay in touch with your security officials, HHS and your professional organizations for advice and support.