PRACTICE PARTNER
Physicians Urged to be on Alert for Ransomware Threat
In the wake of a spate of ransomware attacks on
physicians’ computer systems, doctors are being
urged to take steps to both protect their computer
systems from malware and mitigate the
damage from a possible malware incident.
In July, the Canadian Medical Protective Association
(CMPA) published an article on its website reporting
that it had been contacted recently by a number of
physicians who have had their practices disrupted by
ransomware demands.
Ransomware is initiated when someone unknowingly
opens an email attachment containing a ransomware
virus. It denies the user access to their data
by encrypting the data with a key known only to the
hacker who has deployed the malware. After the user’s
data is encrypted, the ransomware directs the user to
pay a ransom (usually in Bitcoin) in order to receive a
decryption key and regain access to their files.
Ransomware presents serious issues for doctors and
their patients. First, patient care may be delayed if their
doctor cannot access their electronic medical records.
Second, because ransomware may allow hackers to
access personal health information contained in the
electronic files, a ransomware incident should be treated
as a privacy breach. Notification of a privacy breach to
the affected individuals or the privacy commissioner,
or both, may be necessary. The CMPA urges affected
physicians to contact it for further guidance.
DIALOGUE ISSUE 3, 2017
The CMPA’s article urges physicians to learn to
recognize and avoid phishing scams and to not open
unsolicited email attachments – and to encourage staff
to be similarly aware. Physicians are also urged to seek
expert advice about implementing a layered approach
to securing their computer system.
Law enforcement agencies and cybersecurity experts
urge victims of ransomware not to pay the ransoms,
because it encourages hackers to engage in further
activity.
The CMPA says it believes that the decision to pay
the ransom depends on each situation. “[The decision]
rests on your assessment of the risks and whether
you have good backups and can recover quickly. The
ransom can be considerable, and payment provides no
guarantee that the information will actually be recovered.
When patient care is at risk and restoring access
to medical records quickly is important, paying the
ransom is one option,” stated the article.
Other options, stated the article, include online
tools such as nomoreransom.org, a site backed by a
group of recognized cybersecurity companies, who offer
to unlock encrypted files at no charge. The capability
of the service, however, is limited to only some
types of ransomware.
If you experience a ransomware incident, promptly
contact your IT specialist and review your options,
states the CMPA. Physicians may also report the incident
to the Canadian Anti-Fraud Centre, and contact
the CMPA for further guidance.
CMPA says a number of physicians’
medical files have been held hostage