Fight Ransomware
Designed Exclusively for Medical and Dental Offices

OfficeSafe - HIPAA Compliance

Learn How To Fight Ransomware and Never Pay a Ransom.

Reported by KPRC2 in Houston, Texas

Ransomware is Real

Statistics show that a business is hit by a criminal attack every 40 seconds. Your data is under attack by cyber criminals, and if you’re not taking the proper precautions, your practice, your patients’ information, and your reputation are at risk.

If you are the victim of Ransomware

If your organization is the victim of a ransomware attack, please contact law enforcement immediately. We recommend that organizations contact their FBI Field Office Cyber Task Force immediately to report a ransomware event and request assistance. These professionals work with state and local law enforcement and other federal and international partners to pursue cyber criminals globally and to assist victims of cybercrime. Victims are also encouraged to report cyber incidents to US-CERT and the FBI’s Internet Crime Complaint Center. Contacting the FBI does not mean the practice is required to notify its patients. Notifying law enforcement is simply the smart thing to do.

58% of all Ransomware attacks in 2017 targeted the Healthcare Industry

Via Cylance 2017 Threat Report

What You Need To Know About Ransomware

    10 Easy Steps to Fight Ransomware

    1) Don’t Click, Download, or Open Emails From Unknown Sources
    Email is the #1 way ransomware spreads into your network. Watch out for files attached to emails, particularly those with an .exe extension.

    [Image gallery: WannaCry Ransomware Sample Screen; UPATRE Malware Sample Email; Emotet Malware Sample Word Document Screen; Cerber Ransomware Sample Screen]

    2) Use an Encrypted Cloud Data Backup Service

    Encryption makes it difficult, if not impossible, for a hacker to decrypt your sensitive information. Also, if you can prove your data was encrypted, a ransomware attack does not have to be reported to your patients or The Department of Health and Human Services. Encrypting your data is critical.

    3) Store Multiple Sets of Backups

    Keeping only one data backup set is not enough. Keep multiple days of backups to prevent overwriting a clean backup set with a dirty one. Multiple backups also allow you to easily restore your data with the most up-to-date version in the case of a ransomware attack.

    4) Automatically Update Operating Systems, Firewalls, and Anti-Virus Software

    Malicious software is created every day. Make sure your network is continuously updated with the latest security patches.

    5) Turn Off Your Computers At Night

    When you leave your computers on, they are connected to the internet and ripe for intrusion.

    6) Keep Your Wireless Network Secure

    If you have a Wi-Fi network for your workplace, make sure it is secure, encrypted, and hidden.

    7) Change Passwords

    Make sure your team is not using easily recognized passwords like “Password123” or “Practice Name+Address”. Hackers know the most common passwords. Update them every 6 months and don’t allow your employees to share logins and passwords.

    8) Obtain Cyber Insurance
    You can take every precaution, but there are no guarantees. Having insurance as a backstop should be a key component of your data security plan.

    9) Be Proactive

    Don’t wait until a ransomware attack happens. Be proactive and have a plan in place so everyone knows what to do. If you do ever experience an attack, immediately turn off all computers and backup procedures.

    10) Engage Your Employees
    Be present in the training meeting. Teach your employees to be the eyes and ears of your practice and to help spot suspicious emails and behaviors that can damage your practice and your reputation.


    After taking the free online HIPAA Risk Assessment offered by AAOMS, I realized our practice could use help with our information security needs. Our practice signed up with OfficeSafe by PCIHIPAA through AAOMS in August 2016. The staff is so helpful and friendly and I finally feel that our practice is on the right path toward being compliant. OfficeSafe has put together binders along with the online portal to help guide us to our way of compliance. All of the policies are prepared in addition to any forms we may need. Using the online videos for our employee meeting made the employees feel well informed. The stress of not having to worry if we are compliant is so worth it. I highly recommend the PCIHIPAA program to help with your office HIPAA and security obstacles.

    Oral Surgery & Implant Specialists Dakota Dunes, South Dakota
