We continue to warn health care organizations about the real and serious risks associated with ransomware and malware, but organizations don’t prepare for it adequately and are getting hit hard.

Just this past week, several healthcare organizations have publicly announced that they have been victims of ransomware and malware. The organizations include a dermatology practice that was the victim of a ransomware attack on its network encrypting 13,237 patient records, a California based medical billing service company that paid a ransom to get its billing records back, a prosthetic and orthotic practice was the victim of a hacking that exposed 23,000 patient records, and a hacking incident exposed 10,401 records of a Mississippi based general medical practice.

Healthcare organizations are being targeted with ransomware and malware attacks and this risk does not appear to be dissipating any time soon. Healthcare entities may wish to put this risk high on their radar screen to protect patient data from compromise and continue to focus on data security and employee education and training.