Download/Print Risk Alert (PDF)

There are valid indications that there is a current surge in cyber-attacks, such as ransomware attacks, against healthcare facilities, including dental facilities. Ransomware is a type of malware (malicious software) that attempts to deny access to a user’s data, usually by encrypting the data with a key known only to the hacker who deployed the malware, until a ransom is paid. After the user’s data is encrypted, the ransomware directs the user to pay the ransom to the hacker to receive a decryption key.
The health care industry was the most targeted industry in the first quarter of 2018. It is thought that the complexity and aging of IT systems used by health care institutions is the cause of this increasingly serious situation. It is strongly advised that all dental offices using any form of internet communications or data/storage via the internet protect themselves by taking actions such as:
  1. Backing up at least daily and keeping backup copy off site.
  2. Review all attachments and do not open if from an unknown source.
  3. Continuously update anti-virus and anti-malware programs.
In fact, the HIPAA Security Rule requires implementation of security measures that can help prevent the
introduction of malware, including ransomware. Failure to follow the proper steps can lead to serious confidentiality and HIPAA violations.
The U.S. Department of Health and Human Services (HHS) has detailed information on actions healthcare entities, including dental offices, should take to help prevent malware infections, and what to do if you suspect that your organization is experiencing a cyber-attack. Review the following 3 resources for additional information: