PHI RansomWare Just Went Up!

Join Our Mailing List


[By Darrell K. Pruitt DDS]

Expect malware entrepreneurs to charge what the market will bear, again and again.

“OCR Releases Guidance on Ransomware: ‘Your Money or Your PHI’”. By Dianne J. Bourque for The National Law Review,” July 12, 2016

Bourque: “A key component of the guidance provides a ransomware attack that encrypts a Covered Entity’s ePHI is presumed to be a breach. As ransomware can infect a Covered Entity’s entire system, this presumption may lead to enormous breach notification obligations.”

Bourque adds: “OCR indicates that when ePHI is encrypted as a result of a ransomware attack, a breach has occurred because the ePHI encrypted by the ransomware was acquired (i.e., unauthorized individuals took possession of the information) and is thus a ‘disclosure’ not permitted under the HIPAA Privacy Rule has occurred.”

When patients are notified of data breaches – for any reason – many will quietly change providers. According to The Ponemon Institute, loss of future income is the most costly result of lawfully reporting data breaches…. and ransomware attacks are at “epidemic” levels. I have heard dentists are paying the ransom quickly.

The disincentives to do the right thing were overwhelming providers even before the OCR’s recent ruling. Such is the ugly nature of extortion.




Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact:


Risk Management, Liability Insurance, and Asset Protection Strategies for Doctors and Advisors: Best Practices from Leading Consultants and Certified Medical Planners™



Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: