In: Nursing
This assignment allows us to view several historical/memorable occurrences in the healthcare field that have/will shape our future landscape
400,000 COLUMBIA SURGICAL PATIENT RECORDS BREACHED
On February 18, Columbia Surgical Specialists of Spokane reported a breach to the Department of Health and Human Services, which impacted 400,000 patients. Currently, there’s no public breach notice on the Columbia Surgical site, so not much is known as to the extent of the attack. The cyberattack is being reported as ransomware, which hit the specialist on January 7. The provider did not pay the ransom, and the encrypted files were restored from backups.
please I need help
Columbia Surgical Specialists in Spokane city of Washington
impacted by a ransomware attack, which has possibly allowed
unauthorized individuals access to Protected Health Information
(PHI) of around 400,000 patients. The Columbia Surgical Specialists
came to know about this ransomware attack on Jan. 9, 2019. This
security breach was then investigated immediately, and assistance
has been provided by Intrinium, the IT security provider.
Files that were encrypted by ransomware contain patient
information, including names, Social security numbers, driver's
license numbers and various other types of PHI.
HIPAA Journal has been told by the Columbia Surgical Specialists
that data security firm "went through our systems with a fine-tooth
comb". The data security firm concluded that the patient data was
not stolen by attackers, "but due to the nature of the ransomware
and how the infection first began, there cannot be a guarantee".
However, Columbia Surgical Specialists thinks that risk to the
patients has been very low, and the notification sent to the
patients is just a precautionary step.
The vulnerability that has been exploited in order to have access
to Columbia Surgical Specialists network server for installing the
ransomware was addressed. Moreover, the internal protocols along
with procedures are getting reviewed by Columbia Surgical
Specialists to prevent the future attacks.
Columbia Surgical Specialists were very open about this breach.
They confirmed that for recovering the patient files, decision has
been taken to pay ransom demand. Around $14,650 was paid in the
cryptocurrency for decrypting the file that was encrypted by this
ransowmare.
"We received notice from the people that encrypted the files just a
few hours before several patients were scheduled for surgeries, and
they made it clear we would not have access to patient information
until we paid a fee," stated the Columbia Surgical Specialists. "We
quickly determined that the health and well-being of our patients
was the number one concern, and when we made the payment they gave
us the decryption key so we could immediately proceed unlocking the
data".
The breach notification that has been sent to the patients provides
certain insight about the nature of the breach investigations and
the reason behind taking so long for issuing notifications to the
patients.
The security breach has been reported to Department of Health and
Human Services' Office for Civil Rights on Feb. 18, 2019.