Support our online development, and advance our onground research initiatives in free market economics, as we seek to showcase the brightest Next-Gen minds.
THE ME-P DISCLAIMER: Posts, comments and opinions do not necessarily represent iMBA, Inc., but become our property after submission. Copyright © 2006 to-date. iMBA, Inc allows colleges, universities, medical and financial professionals and related clinics, hospitals and non-profit healthcare organizations to distribute our proprietary essays, photos, videos, audios and other documents; etc. However, please review copyright and usage information for each individual asset before submission to us, and/or placement on your publication or web site. Attestation references, citations and/or back-links are required. All other assets are property of the individual copyright holder.
[By Darrell K. Pruitt DDS]
Expect malware entrepreneurs to charge what the market will bear, again and again.
“OCR Releases Guidance on Ransomware: ‘Your Money or Your PHI’”. By Dianne J. Bourque for The National Law Review,” July 12, 2016
http://www.natlawreview.com/article/ocr-releases-guidance-ransomware-your-money-or-your-phi
Bourque: “A key component of the guidance provides a ransomware attack that encrypts a Covered Entity’s ePHI is presumed to be a breach. As ransomware can infect a Covered Entity’s entire system, this presumption may lead to enormous breach notification obligations.”
Bourque adds: “OCR indicates that when ePHI is encrypted as a result of a ransomware attack, a breach has occurred because the ePHI encrypted by the ransomware was acquired (i.e., unauthorized individuals took possession of the information) and is thus a ‘disclosure’ not permitted under the HIPAA Privacy Rule has occurred.”
When patients are notified of data breaches – for any reason – many will quietly change providers. According to The Ponemon Institute, loss of future income is the most costly result of lawfully reporting data breaches…. and ransomware attacks are at “epidemic” levels. I have heard dentists are paying the ransom quickly.
The disincentives to do the right thing were overwhelming providers even before the OCR’s recent ruling. Such is the ugly nature of extortion.
Assessment
Cha-ching!
Conclusion
Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.
Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com
OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:
- PRACTICES: www.BusinessofMedicalPractice.com
- HOSPITALS: http://www.crcpress.com/product/isbn/9781466558731
- CLINICS: http://www.crcpress.com/product/isbn/9781439879900
- ADVISORS: www.CertifiedMedicalPlanner.org
- FINANCE: Financial Planning for Physicians and Advisors
- INSURANCE: Risk Management and Insurance Strategies for Physicians and Advisors
- Dictionary of Health Economics and Finance
- Dictionary of Health Information Technology and Security
- Dictionary of Health Insurance and Managed Care
***
Share this:
Filed under: iMBA, Inc., Information Technology, Pruitt's Platform | Tagged: D. Kellus Pruitt DDS, Dianne J. Bourque, HIPAA, malware entrepreneurs, OCR, PHI, RansomWare |
The Leading Business Education Network for Doctors, Financial Advisors and Health Industry Consultants 
Leave a comment