Ransomware rising, but where are all the breach reports?
Erin Whaley was quoted throughout a March 20 Healthcare IT News article about the rise in ransomware attacks in the healthcare industry. The article discussed the cost of untimely breach reporting, of which Erin shared that a company’s, “60-day timer starts the moment a breach is discovered, which is the first day the covered entity knew about the breach. And it applies to all staff within the organization. For example, when someone at the help desk learns about a breach, the timer starts then – even if it takes a week for the incident to be reported to higher staff.” In her quotes, she addresses the harm untimely reporting as it relates to violations of HIPAA, state laws as well as reputational damage. She also comments on the importance of communication; hospitals must be equipped to answer patients’ question and help them protect themselves from theft.