Despite best efforts to protect the organization's health information, a hacker has breached the walls and now client files are encrypted, ransom demands have been made to restore health records and more malware may have been placed on the network
"An article from Innovative Computing Systems, a professional services firm that helps health organizations and other entities define and improve a comprehensive IT strategy, offers eight steps to immediately take after a breach.
To start, isolate the affected endpoints and servers and disconnect them from all other systems to stop malware from spreading. Do not shut down information systems until internal IT security experts have examined the systems. If the attack involved ransomware, it may make sense to reload data from backups, but don't do it without first updating security software. Otherwise, the backups could also become infected..."
Read More ...