
    What will a malware breach cost a physician practice?

    Editor’s Note: Welcome to Medical Economics' blog section, which features contributions from members of the medical community. These blogs are an opportunity for bloggers to engage with readers about a topic that is top of mind, whether it is practice management, experiences with patients, the industry, medicine in general, or healthcare reform. The series continues with this blog by Carol Gibbons, RN, BSN, NHA, who is CEO of CJ Consulting, which specializes in healthcare revenue cycle management. The views expressed in these blogs are those of their respective contributors and do not represent the views of Medical Economics or UBM Medica.


    If you think that you have not had a data breach in your business, you are an ostrich with your head in the sand.  If you have multiple computers in your office and you allow your employees to access their personal email, I can guarantee that you have malware and viruses on some of your computers that your antivirus software is not catching.




    The biggest news recently has been about malware, known as ransomware, encrypting computers and taking the data hostage.   

    The ransomware known as CryptoLocker has been very effective in generating ransom payments. It is estimated that in late 2013, thieves collected more than $30 million in a short three-month period, according to an article by Jim Flynne of Carbonite.

    To pay or not to pay, that is the question

    The latest question is whether to pay the ransom or not.  If you have been keeping up with healthcare IT news, you know that some hospitals have paid the ransom and some have not.  There is no right or wrong answer to that question.  However, with a number of large businesses paying ransom for their data, it is clear that the perpetrators of this theft are getting more brazen and attacking more businesses.




    So if you pay to get your data back, how can you be sure that the perpetrators did not leave a back door into your system to come back for another fee? You also cannot know how much data they downloaded unless you get an IT professional to go through your computers to see how they got in and what they may have downloaded.


    Carol Gibbons RN, BSN, NHA
    Carol Gibbons brings 30 years of nursing and management experience to CJ Consulting to assist healthcare businesses in revenue cycle ...

