Ransomware Data Breach at Cleveland Medical Associates
Posted: July 10, 2017 to Compliance.
Cleveland Medical Associates was hit with ransomware back in April and has ordered identity protection service for the roughly 22,000 patients whose identities were at risk. "Wait a second," you might be saying. "They need to order identity protection service because of ransomware?" Possibly. Regulators are starting to classify ransomware as a data breach, particularly in the healthcare industry where any sort of access to private health data could be a HIPAA violation. After all, the malware locks away data, so it is possible that it could access it as well. The best way to prevent a ransomware infection, or most any malware infection, is to make sure your employees receive security awareness training. A large portion of infections result from opening infected email attachments or visiting malicious websites. Update: A previous edition of this post named the victim as the Cleveland Clinic instead of Cleveland Medical Associates.