HIPAA Horror Stories

Ransomware Catastrophe


A Midwest Ear, Nose and Throat practice shut down permanently after hackers breached office computers and held data hostage, reports The Minneapolis Star Tribune.

Criminals targeted Brookside ENT of Battle Creek, Michigan, in an April ransomware attack that completely locked the hard drives of the two-physician office. The doctors were told to pay $6,500 for a password the attackers promised would unlock the data, which comprised all patient electronic health records (EHRs).

Rather than pay, Drs. William Scalf and John Bizon chose to shutter their office permanently. The doctors told the newspaper they had no assurances the password would work or that the hackers wouldn’t return. Patients were stranded. 

While early retirement may be appealing, the doctors are not off the hook. In most cases, ransomware attacks qualify as reportable health data breaches under HIPAA.  

Ransomware attacks often begin when a victim opens a harmless-looking email, which contains code that locks an entire drive. In the case of Brookside ENT, even the backup data was locked up. That’s because the automatic backup software simply passed the ransomware up to the cloud or another connected backup drive.

Cybersecurity experts applauded the doctors for refusing to pay the ransom, but say multiple backups are required to prevent catastrophic data loss. The HIPAA Security Rule is a blueprint to protect against ransomware attacks and to maintain and recover data.

The HIPAA E-Tool® makes compliance fast and easy. Get your free HIPAA Quick Start kit, complete with a webcam privacy guard, HIPAA Hot Zone labels and a HIPAA checklist delivered directly to your office.

Don’t become a HIPAA Horror Story! HIPAA compliance is easy, when you know the rules.


Copyright © 2020 ET&C Group LLC.

The HIPAA E-Tool® and Protecting Patient Privacy is Our Job®
are registered trademarks of ET&C Group LLC
