It's not just major healthcare providers being targeted by cyberattacks—small practices are also susceptible. Here's what to do if it happens to you.
Posted in Articles on Wednesday, May 14, 2025
Imagine arriving at your practice in the morning and sitting down to your computer to find only a blank screen, no matter what you do to turn your system on. Or, even worse, there's a message on the screen demanding a ransom to unlock it.
This is a common type of cyberattack—and even if your patient data is stored in the cloud, you may still be prevented from doing business because your systems and files are locked.
Recovering data and reimbursement for the associated financial loss—up to $150 per recovered patient file in addition to HIPAA fines—is crucial to practice sustainability. But the investigation into how the system was accessed can be priceless in helping to support and train the practice team to avoid future attacks. Everyone on the team should understand the potential implications of clicking on an attachment from an untrusted source or opening a malicious email.
Risk Tips
- Don’t panic. Remain calm.
- Don’t pay a ransomware demand. Call your insurance agent first.
- Contact your IT provider right away for assistance.
- Take a picture of the screen and note what it said at the time of the incident.
- Don’t click on any links.
With cyberattacks on the rise, anyone can be a victim. If you do experience an incident, try to avoid any knee-jerk reactions such as paying the ransomware. There are resources available to help you navigate your situation—especially if you have data breach insurance.
Additional Resources