As ransomware attacks started becoming a bigger threat to hospitals, the feds largely remained silent on the specific steps facilities should take to keep patients’ protected health information (PHI) safe. Now, the U.S. Department of Health & Human Services (HHS) has finally issued clear guidance about ransomware for healthcare providers.
Currently, cybercriminals are growing more interested in hacking medical records to get unauthorized access to patients’ PHI.
They’ll either sell the information on the black market (as evidenced by a recent scandal where a hacker advertised the sale of millions of medical records online) or they’ll hold it hostage in exchange for a ransom payment.
