Dental offices are required to protect EPHI in their practice, Ransomware is a huge potential danger to that EPHI
EPHI is Electronic Personal Health Information. Personal Health Information is considered any data you collect from your patients at your dental practice dealing with their healthcare. The new danger to your data is what is called “RANSOMWARE”. This is a just a title applied by the tech community to programs that are designed to encrypt your data without your knowledge and then force you to pay a high ransom to get that data back. Or in many cases it encrypts your data and there is no way to get your data back. It is lost forever.
How you can get Ransomware:
The most common way you get ransomware is by opening email attachments. Clever virus makers send emails that look like they are from legitimate sources to you and they may include what appears to be a word document or some other computer attachment. When you open the document, in the background it installs a program that you do now know is running. It selects specific file types and begins encrypting them. It encrypts them but you don’t have the encryption key and most importantly it doesn’t encrypt your system files so it could be a couple of days before you even know what is happening.
It is as if a thief broke into your house and moved all of your valuables into an indestructable safe right in your living room. There is no way you can break into the safe and get your stuff back unless the thief gives you the key to the safe. They essentially steal your stuff and make you pay to get it back.
- Antivirus software very often doesn’t recognize the software as a virus
- Antimalware software often doesn’t see the software as a virus
What makes this so dangerous you say, I have a backup you say.
- Most backups only keep a few different copies, if you don’t know you have this virus for 3 to 5 days then it is common that the ENCRYPTED BAD DATA will be backed up over your good data in the old back ups
- If your provider is using SHADOW COPIES to backup your data, this will not protect you, shadow copies get infultrated
- If you use an offsite over the internet backup you often only have one copy and the first night you backup runs it will backup the damaged data over your good data
- If you use an external hard drive but you never unplug it then it will get encrypted with all of your backup data
How to protect your EPHI from Ransomware?
The key to protecting yourself is to be aware. I have attached some screen shots of the emails I have received that appear to be emails I would want to open but every one of these emails is simply a vehicle to get me to open the attached document and infect my computer system.